The IT Law Wiki


32,074pages on
this wiki
Add New Page
Add New Page Talk0

Definition Edit

Overlay is

[a] specification of security controls, control enhancements, supplemental guidance, and other supporting information employed during the National Institute of Standards and Technology (NIST) 800-53 tailoring process, intended to complement (and further refine) security control baselines. The overlay specification may be more stringent or less stringent than the original security control baseline specification and can be applied to multiple information systems.[1]

References Edit

  1. 12 FAM 090 (full-text).

Also on Fandom

Random Wiki