Mapping & Analysis: NIST Privacy Framework to Risk Management Framework 800-53A Assessment Objectives

Sources:

• Organization: National Institute of Technology (NIST)
• Data Sources:
• Privacy Framework v1.0
• NIST 800-53A

NIST has provided a cross walk from the Privacy Framework (PF) to the Risk Management Framework (RMF) 800-53 security controls. The bar chart below displays these blended data sets and maps the PF to the 800-53A assessment objectives. Here is some summary count info by CSF Function:

1. Identify (ID) = 306 assessment objectives
2. Govern (GV) = 851 assessment objectives
3. Control (CT) = 515 assessment objectives
4. Communicate (CM) = 263 assessment objectives
5. Protect (PR) = 1016 assessment objectives

Link to the corresponding table chart - here.