NIST SP 800-146
Cloud Computing Synopsis and Recommendations
Framework summaries on this platform are AI-assisted interpretations for educational and compliance planning purposes. They do not reproduce or replace the official standards. Refer to the authoritative source for the definitive text. Framework names and trademarks belong to their respective organisations.
Framework Domains (8)
Audit, Cost, and Continuous Improvement
| Code | Title |
|---|---|
| NISTSP146-8 | Cloud Auditing, Accountability, Cost Management, and Lessons Learned |
Cloud Adoption Strategy
| Code | Title |
|---|---|
| NISTSP146-1 | Cloud Adoption Strategy, Workload Suitability, and Decision Framework |
Deployment Model Operational Posture
| Code | Title |
|---|---|
| NISTSP146-5 | Deployment Model Recommendations (Public, Private, Community, Hybrid) |
IaaS Operational Posture
| Code | Title |
|---|---|
| NISTSP146-4 | IaaS Operational Recommendations and Workload Hardening |
Operational Quality and Portability
| Code | Title |
|---|---|
| NISTSP146-7 | Service Level, Performance, Reliability, Interoperability, and Portability |
PaaS Operational Posture
| Code | Title |
|---|---|
| NISTSP146-3 | PaaS Operational Recommendations and Application Portability |
SaaS Operational Posture
| Code | Title |
|---|---|
| NISTSP146-2 | SaaS Operational Recommendations and Provider Assurance |
Security and Privacy Posture
| Code | Title |
|---|---|
| NISTSP146-6 | Cloud Security and Privacy Recommendations |
Your Compliance Coverage
If you comply with NIST SP 800-146, you already cover:
OWASP MASVS
50%
4 controls mapped
Compare →OWASP ASVS
50%
4 controls mapped
Compare →ISO 27018
50%
4 controls mapped
Compare →+ 162 more: NIST Cybersecurity Framework 2.0 (50%), ISO 27019 (50%)
See all 165 mapped frameworks ↓Maps to 165 other frameworks
Frequently Asked Questions
What is NIST SP 800-146?
NIST SP 800-146 is a compliance framework from United States with 8 domains and 8 controls. Cloud Computing Synopsis and Recommendations It is used by organisations to establish and maintain compliance with industry standards and regulatory requirements.
How many controls does NIST SP 800-146 have?
NIST SP 800-146 has 8 controls organised across 8 domains. The largest domains are Audit, Cost, and Continuous Improvement (1 controls), Cloud Adoption Strategy (1 controls), Deployment Model Operational Posture (1 controls). Each control defines specific requirements that organisations must implement to achieve compliance.
What frameworks does NIST SP 800-146 map to?
NIST SP 800-146 maps to 165 other compliance frameworks. The top mapping partners are OWASP MASVS (50% coverage), OWASP ASVS (50% coverage), ISO 27018 (50% coverage). Use our comparison tool to explore control-level mappings between frameworks.
How do I get started with NIST SP 800-146 compliance?
Start your NIST SP 800-146 compliance journey by running a self-assessment on our platform to identify your current compliance posture. Our AI advisory can answer specific questions about NIST SP 800-146 requirements, and cross-framework mapping helps you leverage existing controls from other frameworks you may already comply with. Create a free account to access all 8 controls and track your progress.
Start Your Compliance Journey
Create a free account to run self-assessments, get AI advisory, and track your compliance progress across 723 frameworks.
Get Started Free →Free forever — no credit card required