NIST is seeking public comments on Draft NISTIR 8204, Cybersecurity Framework Online Informative References (OLIR) Submissions: Specification for Completing the OLIR Template

NIST is seeking public comments on Draft NISTIR 8204,Cybersecurity Framework Online Informative References (OLIR) Submissions: Specification for Completing the OLIR Template.

The Framework for Improving Critical Infrastructure Cybersecurity (Cybersecurity Framework) lists several related cybersecurity documents as Informative References (References). References show relationships between the Cybersecurity Framework’s functions, categories, and subcategories and specific sections of standards, guidelines, and best practices. References are often more detailed than the functions, categories, and subcategories and illustrate ways to achieve those outcomes. References suggest how to use a given cybersecurity document in coordination with the Framework for the purposes of cybersecurity risk management.

Draft NIST 8204 provides a robust method of defining relationships between Reference elements and Cybersecurity Framework Core elements. Reference developers can use Draft NISTIR 8204 to help prepare their Informative Reference submissions for NIST’s consideration and subsequent public feedback.  The envisioned development and public feedback process can be reviewed at https://www.nist.gov/cyberframework/reference-submission-page.