myctrl.tools
Home / U.S. Federal
U.S. Federal

U.S. Federal Security Frameworks

U.S. Federal government security frameworks including NIST, FedRAMP, and DoD requirements. 8557 controls across 37 frameworks.

v5.2.0 Federal Public Domain 1,196 controls

NIST SP 800-53

Security and Privacy Controls for Information Systems and Organizations

149 Low 287 Moderate 370 High 96 Privacy
v5 Federal Public Domain 410 controls

FedRAMP Rev 5

Federal Risk and Authorization Management Program Security Baselines

156 Low 323 Moderate 410 High 138 LI-SaaS
v0.9.0-beta Federal Public Domain 60 indicators

FedRAMP 20x KSI

Key Security Indicators for FedRAMP 20x authorization

55 Low 60 Moderate
vRev 5 Federal DoD Public Domain 622 controls

DoD SRG

DoD Cloud Computing Security Requirements Guide - FedRAMP+ controls by Impact Level

20 Families
vV2R4 Federal DoD Public Domain 94 findings

Kubernetes STIG

DoD Security Technical Implementation Guide for Kubernetes container orchestration

20 CAT I 74 CAT II 0 CAT III
v1.0 Federal AI Public Domain 72 actions

NIST AI RMF

AI Risk Management Framework Playbook - Suggested actions for trustworthy AI

4 Functions
v2014 Federal Open License 922 controls

ITSG-33

IT Security Risk Management - Canadian Government Security Control Catalogue

17 Families
v1.1 Federal Public Domain 42 tasks

NIST SSDF

Secure Software Development Framework - Practices for integrating security into SDLC

4 Groups
vRev 2 Federal Public Domain 110 requirements

NIST SP 800-171

Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations

14 Families
v2.0 Federal DoD Public Domain 110 practices

CMMC

Cybersecurity Maturity Model Certification for DoD contractors

17 Level 1 93 Level 2
vRev 5 Federal Open License 295 controls

GovRAMP

Government Risk and Authorization Management Program - Security Baselines for State and Local Government Cloud Services

144 Low 295 Moderate
vRev 1 Federal 307 controls

NIST SP 800-161

Supply Chain Risk Management

20 Families
vRev 3 Federal 382 requirements

NIST SP 800-171 Rev 3

CUI Protection Requirements Rev 3

17 Families
vRev 3 Federal 638 requirements

NIST SP 800-171A Rev 3

Assessing CUI Security Rev 3

17 Families
vRev 2 Federal 407 requirements

NIST SP 800-171A

Assessing CUI Security Requirements

14 Families
v2021 Federal 35 requirements

NIST SP 800-172

Enhanced Security for CUI

10 Families
v2020 Federal 7 requirements

NIST SP 800-207 Zero Trust

Zero Trust Architecture

1 Tenet
v1.1 Federal 60 practices

NIST SP 800-218 SSDF

Secure Software Development Framework

4 Groups
v1.0 Federal AI 261 requirements

NIST AI 600-1

Artificial Intelligence Risk Management

19 Functions
v2024 Federal 59 requirements

45 CFR 155.260

CMS Privacy and Security Standards

1 Section
v5.9.3 Federal 232 requirements

FBI CJIS

Criminal Justice Information Services Security Policy

10 Policy Areas
v2023 Federal 214 principles

US Data Privacy Framework

US-EU Data Privacy Framework

3 Categories
v3.0 Federal 117 capabilities

DHS TIC 3.0

Trusted Internet Connections

2 Use Cases
v2024 Federal 38 goals

CISA CPG

Cross-Sector Cybersecurity Performance Goals

5 Categories
v2024 Federal 15 requirements

CISA SSDAF

Secure Software Development Attestation Form

4 Sections
v2024 Federal Public Domain 18 goals

CISA Secure by Design

Principles and pledge goals for building cybersecurity into product design — jointly published by CISA, FBI, NSA, and 17+ international partners

3 Categories
v2.0 Federal DoD 16 practices

CMMC 2.0 Level 1

Cybersecurity Maturity Model Certification Level 1

7 Domains
v2.0 Federal DoD 59 objectives

CMMC 2.0 Level 1 AOS

CMMC Level 1 Assessment Objectives

6 Domains
v2024 Federal DoD 202 activities

DoD Zero Trust Roadmap

DoD Zero Trust Strategy Roadmap

7 Pillars
v2.0 Federal DoD 58 capabilities

DoD ZTA Reference Architecture

DoD Zero Trust Reference Architecture

8 Pillars
v2021 Federal 16 requirements

Executive Order 14028

Improving the Nations Cybersecurity

16 Sections
v2024 Federal 38 requirements

FCA CRM

Farm Credit Administration Cyber Risk Management

1 Section
v2024 Federal 8 principles

FIPPs

Fair Information Practice Principles

8 Categories
v2024 Federal 57 requirements

GLBA (16 CFR 314)

Gramm-Leach-Bliley Act Safeguards Rule

1 Section
v2013 Federal 1,114 requirements

HIPAA Simplification 2013

HIPAA Administrative Simplification

1 Subpart
v2024 Federal 249 requirements

NERC CIP

Critical Infrastructure Protection Standards

49 Standards
v2023 Federal 17 requirements

SEC Cybersecurity Rule

SEC Cybersecurity Risk Management Rule

2 Sections