NIST 800-53 is a publication that defines these requirements and gives federal agencies and contractors security and privacy controls, along with guidance on choosing the appropriate data protection measures for their organization’s needs.