The National Institute of Standards and Technology has released a major update to Security and Privacy Controls for Information Systems and Organizations SP 800-53. The first major update in seven years, revision 5 includes a new Supply Chain Risk Management (SCRM) control family (SR). SP 800-53 continues to be a cornerstone tome of effective cybersecurity policy and practice.
This publication provides a catalog of security and privacy controls for information systems and organizations to protect organizational operations and assets, individuals, other organizations, and the Nation from a diverse set of threats and risks, including hostile attacks, human errors, natural disasters, structural failures, foreign intelligence entities, and privacy risks. — NIST SP 800-53 r5