December 07, 2023 2 min read

NIST SP 800-53 eMASS Family of Controls for Cleared Industry

The control requirements found within eMASS’ exportable spreadsheets come directly from the NIST SP 800-53 publication.  Because of this, federal contractors working to achieve authorization designation will need to have in place comprehensive policies and procedures. To be specific, cleared contractors will need to have a large number of policies, procedures, programs, and plans in place for achieving Authorization to Operate (ATO) as part of the NISP NIST RMF A&A process within eMASS.

Over the years, developing NIST SP 800-53 specific security documents has been one of the most difficult, time-consuming, and challenging measures for cleared contractors.  To help speed the up the process greatly, we developed the Arlington Security Portal (ASP), an online repository of world-class, industry leading security policies & procedures, programs, plans – and other highly essential documents & templates developed specifically on the NIST Risk Management Framework (RMF) 800 series of publications for information security, cybersecurity, and privacy control families.

The Enterprise Mission Assurance Support Service, commonly referred to as eMASS, is a critical cybersecurity management platform utilized by various U.S. government agencies to facilitate the management and documentation of their information security programs. eMASS serves as a centralized and standardized solution designed to streamline the assessment, authorization, and continuous monitoring processes required for ensuring the security of government information systems.

It plays a pivotal role in helping federal agencies adhere to the rigorous security standards and compliance frameworks mandated by the National Institute of Standards and Technology (NIST) and other regulatory bodies.

eMASS offers a comprehensive suite of tools and features that enable agencies to efficiently document their cybersecurity posture, manage risk assessments, and maintain compliance with various security frameworks.

The platform allows organizations to track and monitor security controls, generate required documentation such as System Security Plans (SSPs) and Plan of Actions and Milestones (POA&Ms), and provides a centralized repository for storing critical security-related data. eMASS plays a pivotal role in enhancing the security and resilience of government information systems by ensuring that they meet the stringent security requirements necessary for safeguarding sensitive data and supporting the mission-critical functions of federal agencies.


We are Arlington, a team of innovative, solution-oriented, highly agile, and well-versed professionals with decades of experience in working with America’s defense industry. From emerging cybersecurity regulations to helping our clients solve complex security & compliance solutions – and so much more – you can trust Arlington, the firm that’s Dedicated to Defense®.  Learn more at