Accessibility Tools

Skip to main content

Access World-Class NIST RMF Documentation with ASP Learn More

NIST 800-53, Rev. 4 vs. Rev. 5 - Notable Differences

Arlington Security Portal

Get Access to 100 + NIST RMF security and privacy policies & procedures, programs, and plan templates.

The differences between NIST 800-53, Rev. 4 vs. Rev. 5 are considerable as NIST SP 800-53, Revision 5 adds 66 new base controls, 202 new control enhancements and 131 new parameters to existing controls. Furthermore, there are 90 newly withdrawn controls that have been incorporated into or moved to other controls, along with 92 previously withdrawn controls, resulting in a total of 1007 controls and enhancements in NIST SP 800-53, Revision 5.

Other changes include the following:

  • Two additional control families have been added: Personally Identifiable Information Processing and Transparency (PT), and Supply Chain Risk Management (SR).
  • The Program Management family also grew considerably in terms of the number of controls.
  • The privacy measures previously outlined in Appendix J of revision 4 have now been incorporated into the main body of controls.
  • Because of growing supply chain threats, NIST has grouped the supply chain risk management functions into their own family.

Note that NIST SP 800-53, Revision 4 was retired as of September 23rd, 2021, so say hello to NIST SP 800-53, Revision 5 and the massive new control requirements put forth by NIST.

Trusted Providers of NIST RMF Services & Solutions

Arlington offers the following NIST RMF services & solutions to DoD and other federal contractors:

  • Compliance Reporting for FedRAMP, FISMA, eMASS, CMMC, 800-171, ITAR/EAR, and more.
  • Scoping & Gap Assessments
  • Policies & Procedures Development
  • Program Documentation Development
  • System Security Plans (SSP)
  • Security Assessment Reports (SAR)
  • Remediation Assistance
  • ATO Assistance

100 + NIST 800-53 Templates Available for Download for Federal Contractors

The solution for federal contractors is the Arlington Security Portal (ASP), an online repository of world-class, industry leading security and privacy policies & procedures, programs, plans – and other highly essential documents & templates developed specifically on NIST SP 800-53, Revision 5. 

About Arlington

We are Arlington, a team of innovative, solution-oriented, highly agile, and well-versed professionals with decades of experience in working with America’s defense industry. From emerging cybersecurity regulations to helping our clients solve complex security & compliance solutions – and so much more – you can trust Arlington, the firm that’s Dedicated to Defense®.  Learn more at