NIST SP 800-144
Guidelines on Security and Privacy in Public Cloud Computing
Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.
Framework Domains (8)
Architecture and Isolation
| Code | Title |
|---|---|
| NISTSP144-2 | Cloud Architecture, Service Selection, and Tenant Isolation |
Availability and Resilience
| Code | Title |
|---|---|
| NISTSP144-6 | Availability, Resilience, BCP/DR, and SLA Management |
Data Protection
| Code | Title |
|---|---|
| NISTSP144-3 | Data Classification, Handling, and Sovereignty |
Encryption and Keys
| Code | Title |
|---|---|
| NISTSP144-4 | Encryption, Key Management, and BYOK |
Governance and Trust
| Code | Title |
|---|---|
| NISTSP144-1 | Cloud Governance, Risk Assessment, and Provider Trust Evaluation |
Identity and Access
| Code | Title |
|---|---|
| NISTSP144-5 | Identity and Access in Cloud, Federation, and Privileged Access |
Monitoring and IR
| Code | Title |
|---|---|
| NISTSP144-8 | Monitoring, Incident Response, Exit Strategy, and Compliance |
Workload and Configuration
| Code | Title |
|---|---|
| NISTSP144-7 | Cloud Workload Protection, Containers, Serverless, and Configuration |
Your Compliance Coverage
If you comply with NIST SP 800-144, you already cover:
ISO 27018
88%
7 controls mapped
Compare →Azure Security Benchmark
88%
7 controls mapped
Compare →ASD Strategies to Mitigate Cyber Security Incidents
88%
7 controls mapped
Compare →+ 162 more: ISO 27017 (88%), AWS Well-Architected Security Pillar (88%)
See all 165 mapped frameworks ↓Maps to 165 other frameworks
Frequently Asked Questions
What is NIST SP 800-144?
NIST SP 800-144 is a compliance framework from United States with 8 domains and 8 controls. Guidelines on Security and Privacy in Public Cloud Computing It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.
How many controls does NIST SP 800-144 have?
NIST SP 800-144 has 8 controls organised across 8 domains. The largest domains are Architecture and Isolation (1 controls), Availability and Resilience (1 controls), Data Protection (1 controls). Each control defines specific requirements that organisations must implement to achieve compliance.
What frameworks does NIST SP 800-144 map to?
NIST SP 800-144 maps to 165 other compliance frameworks. The top mapping partners are ISO 27018 (88% coverage), Azure Security Benchmark (88% coverage), ASD Strategies to Mitigate Cyber Security Incidents (88% coverage). Use our comparison tool to explore control-level mappings between frameworks.
How do I get started with NIST SP 800-144 compliance?
Start your NIST SP 800-144 compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about NIST SP 800-144 requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 8 controls and track your progress.
Start Your Compliance Journey
Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 723 frameworks.
Get Started Free →Free forever — no credit card required