Your Cart is Empty
Menu
-
- View NIST RMF Control Families
- Access Control (AC)
- Awareness and Training (AT)
- Audit and Accountability (AU)
- Assessment, Authorization and Monitoring (CA)
- Configuration Management (CM)
- Contingency Planning (CP)
- Identification and Authentication (IA)
- Incident Response (IR)
- Maintenance (MA)
- Media Protection (MP)
- Physical and Environment Protection (PE)
- Planning (PL)
- Program Management (PM)
- Personnel Security (PS)
- PII Processing and Transparency (PT)
- Risk Assessment (RA)
- System and Services Acquisition (SA)
- System and Communications Protection (SC)
- System and Information Integrity (SI)
- Supply Chain Risk Management (SR)
- View All
- View Compliance Toolkits
- Enterprise
- About ASP
- FAQ
-
- ← Main Site
- Company
- Resources
- Blog
- Submit RFP
- Login
View NIST RMF Control Families
Add description, images, menus and links to your mega menu
A column with no settings can be used as a spacer
Link to your collections, sales and even external links
Add up to five columns
Add description, images, menus and links to your mega menu
A column with no settings can be used as a spacer
Link to your collections, sales and even external links
Add up to five columns
NIST SP 800-53 Access Control Policy and Procedures for Federal Contractors
July 10, 2023 2 min read
NIST SP 800-53 Access Control Policy and Procedures for Federal Contractors
A strict requirement for federal contractors providing essential services to federal agencies is developing a wide-range of information security and privacy controls. Whatever the compliance mandate being imposed upon federal contractors is - FISMA, FedRAMP, eMASS RMF, DFARS NIST 800-171, CMMC, and more - information security and privacy policies and procedures are a must. Additionally, such documentation must be developed in accordance with none other than NIST SP 800-53, the unquestioned framework that’s been adopted by federal agencies - and federal contractors - since 2005.
Reporting Requirements
So, what are the reporting requirements in terms of documentation for the Access Control (AC) family within NIST SP 800-53? According to NIST SP 800-53, “access control policy and procedures address the controls in the AC family that are implemented within systems and organizations. The risk management strategy is an important factor in establishing such policies and procedures.”
Specifically, Per AC-1 of NIST SP 800-53, organizations are to “...develop, document, and disseminate…” an access control policy and procedure. Additionally, within the AC family itself (i.e., AC-1 to AC-25) there are numerous controls that also require organizations to document how such controls are implemented.
How to Get Started
Start by downloading our world-class NIST RMF Security and Privacy Policies and Procedures templates at the Arlington Security Portal (ASP), which includes access to our access control policy and procedures template, and other additional documents required for the Access Control (AC) family within NIST SP 800-53. .
How Arlington Can Help
We have years of experience working within the broader federal agency apparatus in helping federal contractors develop high-quality, well-written, policies and procedures and additional NIST RMF information security and privacy materials. Our NIST RMF information security and privacy policies, procedures, programs, and plans have been used by thousands of federal contractors in helping organizations develop customized documentation for their growing security and compliance needs.
About Arlington
We are Arlington, a team of innovative, solution-oriented, highly agile, and well-versed professionals with decades of experience in working with America’s defense industry. From emerging cybersecurity regulations to helping our clients solve complex security & compliance solutions – and so much more – you can trust Arlington, the firm that’s Dedicated to Defense®. Learn more at arlingtonintel.com.