STIGs RMF Controls Compare

STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago

Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.

NIST 800-53 Controls

Baselines:All Low Moderate High Privacy No Baseline

Browse 342 security and privacy controls across 20 families. (filtered to Moderate, Low, Privacy baselines)

Each control is linked to DISA CCI identifiers and STIG checks. Search for fast lookup by control ID or CCI.

Control Families

All Controls342

AC Access Control40 AT Awareness and Training7 AU Audit and Accountability17 CA Assessment, Authorization, and Monitoring10 CM Configuration Management24 CP Contingency Planning23 IA Identification and Authentication24 IR Incident Response15 MA Maintenance9 MP Media Protection7 PE Physical and Environmental Protection19 PL Planning8 PM Program Management24 PS Personnel Security9 PT PII Processing and Transparency13 RA Risk Assessment11 SA System and Services Acquisition18 SC System and Communications Protection28 SI System and Information Integrity24 SR Supply Chain Risk Management12

PM — Program Management

22 base controls

PM-3Information Security and Privacy Resources

8 CCIs

PM-4Plan of Action and Milestones Process

14 CCIs

PM-6Measures of Performance

6 CCIs

PM-7Enterprise Architecture

4 CCIs

PM-8Critical Infrastructure Plan

4 CCIs

PM-9Risk Management Strategy

5 CCIs

PM-10Authorization Process

7 CCIs

PM-11Mission and Business Process Definition

6 CCIs

PM-13Security and Privacy Workforce

2 CCIs

PM-14Testing, Training, and Monitoring

21 CCIs

PM-17Protecting Controlled Unclassified Information on External Systems

6 CCIs

PM-18Privacy Program Plan

18 CCIs

PM-19Privacy Program Leadership Role

4 CCIs

PM-20Dissemination of Privacy Program Information

5 CCIs

PM-21Accounting of Disclosures

8 CCIs

PM-22Personally Identifiable Information Quality Management

8 CCIs

PM-24Data Integrity Board

2 CCIs

PM-25Minimization of Personally Identifiable Information Used in Testing, Training, and Research

10 CCIs

PM-26Complaint Management

11 CCIs

PM-27Privacy Reporting

8 CCIs

PM-28Risk Framing

8 CCIs

PM-31Continuous Monitoring Strategy

23 CCIs