National Institute of Standards and Technology (NIST) SP 800-53

The US Federal Risk and Authorization Management Program (FedRAMP) was established to provide a standardized approach for assessing, monitoring, and authorizing cloud computing products and services. FedRAMP is based on the National Institute of Standards and Technology (NIST) SP 800-53 standard, augmented by FedRAMP controls and control enhancements. For more information about Azure support for NIST SP 800-53 controls, see Azure FedRAMP documentation.


NIST SP 800-53 Rev. 4 was withdrawn on 23 September 2021 and superseded by NIST SP 800-53 Rev. 5.

Azure Policy regulatory compliance built-in initiatives

For extra customer assistance, Microsoft provides the Azure Policy regulatory compliance built-in initiatives for Azure and Azure Government, which map to NIST SP 800-53 compliance domains and controls:

Regulatory compliance in Azure Policy provides built-in initiative definitions to view a list of controls and compliance domains based on responsibility – customer, Microsoft, or shared. For Microsoft-responsible controls, we provide extra audit result details based on third-party attestations and our control implementation details to achieve that compliance. Each NIST SP 800-53 control is associated with one or more Azure Policy definitions. These policies may help you assess compliance with the control; however, compliance in Azure Policy is only a partial view of your overall compliance status. Azure Policy helps to enforce organizational standards and assess compliance at scale. Through its compliance dashboard, it provides an aggregated view to evaluate the overall state of the environment, with the ability to drill down to more granular status.

Microsoft Sentinel NIST SP 800-53 solution

Microsoft Sentinel is a cloud service that provides intelligent security analytics and threat intelligence across the enterprise. To help you address NIST SP 800-53 control requirements at scale, Microsoft provides the Microsoft Sentinel NIST SP 800-53 solution, which can help you gain situational awareness regarding your security posture. The solution delivers a single pane of glass for aggregating and managing data at scale to provide maximum visibility into cloud, on-premises, hybrid, and multi-cloud workloads.

The solution contains:

  • Workbook – Provides a dashboard that relies on Azure Policy, Azure Resource Graph, and Azure Monitor Log Analytics to align with NIST SP 800-53 control requirements across Azure, Microsoft 365, multi-cloud, on-premises, and hybrid workloads. It also provides recommendations for selecting, designing, deploying, and configuring Microsoft cloud services for alignment with respective NIST SP 800-53 requirements and best practices.
  • Analytics rules – Provide an alerting mechanism designed to monitor Azure policies aligned to the NIST SP 800-53 regulatory compliance built-in initiative. The alert gets triggered if policy compliance falls below 70 percent within one week, or as configured per organizational requirements.
  • Playbooks – Drive consistent and automated responses, ensuring that security teams can focus on providing remediation based on insights collected from Microsoft Sentinel instead of navigating across portals for relevant data. Automation allows you to notify impacted teams of findings via email and Teams chat, and document change requirements within IT service management tooling such as Azure DevOps.

To get started, go to your Azure or Azure Government portal to access the solution:

  • Microsoft Sentinel > Content Hub > Search “NIST SP 800-53” > Install > Create > Configure Options > Review + Create

For more information, see the Microsoft Sentinel NIST SP 800-53 solution.