home || catalog: SP800-53rev3 / class: Operational / family: (AT) Awareness and Training ||
search controls:
search nistpubs:

AC
AT

AT-01
AT-02
AT-03
AT-04
AT-05 *
AT-06

AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS
RA
SA
SC
SI
MMMMM

  AT-05: Contacts with Security Groups and Associations  

base control objective:
The organization establishes and institutionalizes contact with selected groups and associations within the security community: - To facilitate ongoing security education and training for organizational personnel; - To stay up-to-date with the latest recommended security practices, techniques, and technologies; and - To share current security-related information including threats, vulnerabilities, and incidents.

supplemental objective information:
Ongoing contact with security groups and associations is of paramount importance in an environment of rapid technology changes and dynamic threats. Security groups and associations can include, for example, special interest groups, specialized forums, professional associations, news groups, and/or peer groups of security professionals in similar organizations. The groups and associations selected are consistent with the organization’s mission/business requirements. Information sharing activities regarding threats, vulnerabilities, and incidents related to information systems are consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidance.

enhancements to the base objective:

(1) None.

mapping to FIPS199 baseline:

  LOW: null     MOD: null     HIGH: null  

related (regimented) controls:

None.

documents referenced in SP800-53rev3 for AT-05:

Document Date Status Title
NIST SP800-40 November, 2005 current   Creating a Patch and Vulnerability Management Program

Search SP800-53rev3 catalog: