STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 5 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

NIST 800-53 Controls

Browse 1205 security and privacy controls across 28 families.

Each control is linked to DISA CCI identifiers and STIG checks. Search for fast lookup by control ID or CCI.

Control Families

All Controls1205

AC Access Control143 AP Authority and Purpose2 AR Accountability, Audit, and Risk Management8 AT Awareness and Training17 AU Audit and Accountability66 CA Assessment, Authorization, and Monitoring31 CM Configuration Management66 CP Contingency Planning51 DI Data Quality and Integrity5 DM Data Minimization and Retention6 IA Identification and Authentication74 IP Individual Participation and Redress6 IR Incident Response42 MA Maintenance30 MP Media Protection26 PE Physical and Environmental Protection59 PL Planning16 PM Program Management37 PS Personnel Security18 PT PII Processing and Transparency21 RA Risk Assessment25 SA System and Services Acquisition145 SC System and Communications Protection159 SE Security2 SI System and Information Integrity116 SR Supply Chain Risk Management27 TR Transparency5 UL Use Limitation2

PM — Program Management

32 base controls

PM-1Information Security Program Plan17 CCIs

PM-2Information Security Program Leadership Role1 CCIs

PM-3Information Security and Privacy Resources8 CCIs

PM-4Plan of Action and Milestones Process14 CCIs

PM-5System Inventory4 CCIs

PM-6Measures of Performance6 CCIs

PM-7Enterprise Architecture4 CCIs

PM-8Critical Infrastructure Plan4 CCIs

PM-9Risk Management Strategy5 CCIs

PM-10Authorization Process7 CCIs

PM-11Mission and Business Process Definition6 CCIs

PM-12Insider Threat Program1 CCIs

PM-13Security and Privacy Workforce2 CCIs

PM-14Testing, Training, and Monitoring21 CCIs

PM-15Security and Privacy Groups and Associations6 CCIs

PM-16Threat Awareness Program1 CCIs

PM-17Protecting Controlled Unclassified Information on External Systems6 CCIs

PM-18Privacy Program Plan18 CCIs

PM-19Privacy Program Leadership Role4 CCIs

PM-20Dissemination of Privacy Program Information5 CCIs

PM-21Accounting of Disclosures8 CCIs

PM-22Personally Identifiable Information Quality Management8 CCIs

PM-23Data Governance Body3 CCIs

PM-24Data Integrity Board2 CCIs

PM-25Minimization of Personally Identifiable Information Used in Testing, Training, and Research10 CCIs

PM-26Complaint Management11 CCIs

PM-27Privacy Reporting8 CCIs

PM-28Risk Framing8 CCIs

PM-29Risk Management Program Leadership Roles4 CCIs

PM-30Supply Chain Risk Management Strategy7 CCIs

PM-31Continuous Monitoring Strategy23 CCIs

PM-32Purposing2 CCIs