- Security and Privacy Controls for Federal Information Systems and Organizations (NIST SP 800-53, Revision 4)
- NIST Special Publication 800-37 (rev 1): Guide for Applying the Risk Management Framework to Federal Information Systems
- Creating a Patch and Vulnerability Management Program
- Framework for Improving Critical Infrastructure Cybersecurity
- NIST SP 800-39 Managing Information Security Risk: March 2011