The IT Law Wiki

Definition

A capabilities catalog is a comprehensive list of device cybersecurity capabilities derived from analysis of comprehensive list of source documents for the application or sector.[1]

Overview

For the federal sector, NIST Special Publication 800-53, Rev. 5, "Security and Privacy Controls for Information Systems and Organizations," provided the control definitions used to generate the NIST-generated capabilities catalog used for the Federal profile.[2]

References