STIGs RMF Controls Compare

STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago

Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.

NIST 800-53 Controls

Browse 862 security and privacy controls across 26 families. (filtered to Moderate, Privacy, No Baseline baselines)

Each control is linked to DISA CCI identifiers and STIG checks. Search for fast lookup by control ID or CCI. Switch to Rev 5 for the latest controls.

Control Families

All Controls862

AC Access Control112 AP Authority and Purpose2 AR Accountability, Audit, and Risk Management8 AT Awareness and Training10 AU Audit and Accountability58 CA Assessment, Authorization, and Monitoring22 CM Configuration Management50 CP Contingency Planning48 DI Data Quality and Integrity5 DM Data Minimization and Retention6 IA Identification and Authentication56 IP Individual Participation and Redress6 IR Incident Response34 MA Maintenance26 MP Media Protection22 PE Physical and Environmental Protection50 PL Planning10 PM Program Management16 PS Personnel Security15 RA Risk Assessment13 SA System and Services Acquisition86 SC System and Communications Protection116 SE Security2 SI System and Information Integrity82 TR Transparency5 UL Use Limitation2

PM — Program Management

16 base controls

PM-1Information Security Program Plan

17 CCIs

PM-2Senior Information Security Officer

1 CCIs

PM-3Information Security Resources

8 CCIs

PM-4Plan of Action and Milestones Process

14 CCIs

PM-5System Inventory

4 CCIs

PM-6Information Security Measures of Performance

6 CCIs

PM-7Enterprise Architecture

4 CCIs

PM-8Critical Infrastructure Plan

4 CCIs

PM-9Risk Management Strategy

5 CCIs

PM-10Authorization Process

7 CCIs

PM-11Mission/business Process Definition

6 CCIs

PM-12Insider Threat Program

1 CCIs

PM-13Information Security Workforce

2 CCIs

PM-14Testing, Training, and Monitoring

21 CCIs

PM-15Contacts with Security Groups and Associations

6 CCIs

PM-16Threat Awareness Program

1 CCIs