STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.

NIST 800-53 Controls

Rev 5Rev 4
Baselines:AllLowModerateHighPrivacyNo Baseline

Browse 96 security and privacy controls across 16 families. (filtered to Privacy baseline)

Each control is linked to DISA CCI identifiers and STIG checks. Search for fast lookup by control ID or CCI.

Control FamiliesAll Controls96
AC Access Control2AT Awareness and Training5AU Audit and Accountability4CA Assessment, Authorization, and Monitoring6CM Configuration Management2IR Incident Response10MP Media Protection2PE Physical and Environmental Protection1PL Planning6PM Program Management24PS Personnel Security1PT PII Processing and Transparency13RA Risk Assessment4SA System and Services Acquisition7SC System and Communications Protection1SI System and Information Integrity8

PM — Program Management

22 base controls

PM-3Information Security and Privacy Resources
8 CCIs
PM-4Plan of Action and Milestones Process
14 CCIs
PM-6Measures of Performance
6 CCIs
PM-7Enterprise Architecture
4 CCIs
PM-8Critical Infrastructure Plan
4 CCIs
PM-9Risk Management Strategy
5 CCIs
PM-10Authorization Process
7 CCIs
PM-11Mission and Business Process Definition
6 CCIs
PM-13Security and Privacy Workforce
2 CCIs
PM-14Testing, Training, and Monitoring
21 CCIs
PM-17Protecting Controlled Unclassified Information on External Systems
6 CCIs
PM-18Privacy Program Plan
18 CCIs
PM-19Privacy Program Leadership Role
4 CCIs
PM-20Dissemination of Privacy Program Information
5 CCIs
PM-21Accounting of Disclosures
8 CCIs
PM-22Personally Identifiable Information Quality Management
8 CCIs
PM-24Data Integrity Board
2 CCIs
PM-25Minimization of Personally Identifiable Information Used in Testing, Training, and Research
10 CCIs
PM-26Complaint Management
11 CCIs
PM-27Privacy Reporting
8 CCIs
PM-28Risk Framing
8 CCIs
PM-31Continuous Monitoring Strategy
23 CCIs