# NIST 800-53: Control Selection, Implementation, and Security Planning Course (Self-Paced) Canonical URL: ## Overview NIST Special Publication 800-53 Revision 5 is the authoritative catalog of security and privacy controls for federal information systems, spanning 20 control families, more than 1,000 controls and enhancements, and requirements for supply chain risk management, privacy, and outcome-based control language. This intermediate course develops the practitioner fluency that federal ISSOs, assessors, and system owners need to select, tailor, implement, and assess the controls that matter most. Participants work through the highest-impact control families, including Access Control, Audit and Accountability, Configuration Management, Incident Response, and System and Communications Protection, building skills in SSP documentation, assessment evidence collection, and POA&M management. This course is the prerequisite for the Advanced course in the NIST 800-53 Controls Bootcamp Package. ## What you'll learn - Explain the structure of NIST 800-53 Rev 5, including control anatomy, enhancement levels, and key changes from Rev 4. - Select a control baseline from NIST SP 800-53B and tailor it using scoping guidance, parameter assignments, and compensating controls. - Write implementation statements for AC, IA, AU, CM, IR, and SC control families that meet 800-53A evidence sufficiency standards. - Implement Privacy controls and SR (Supply Chain Risk Management) family requirements for applicable federal systems. - Apply 800-53A assessment procedures to produce objective, finding-grade evidence for a selected set of controls. - Identify and remediate common SSP deficiencies that cause OIG findings and assessor failures. - Develop a POA&M from assessment findings with milestone tracking, resource estimates, and FISMA reporting linkage. - Use automated GRC tools and SCAP-validated baselines to reduce manual documentation burden. ## Pricing **Tuition:** $1049