Appendix D: NIST Online Informative References (OLIR)

Health Care and Public Health Sector Cybersecurity Framework Implementation Guide

In late 2019, NIST began working with members of the NIST Cybersecurity Framework community to create and maintain a more comprehensive Online Informative Reference (OLIR) Catalog^[81] to supplement the limited number of Informative References provided in the NIST Cybersecurity Framework document.

The Catalog’s Informative References are developed by submitting parties according to NIST Interagency Report (IR) 8278A, National Online Informative References (OLIR) Program: Submission Guidance for OLIR Developers^[82], and are vetted by NIST for correctness. NIST also works closely with submitters regarding any necessary corrections to these Informative References and hosts links to both public draft and final versions.

Additional information on the NIST OLIR program can be found in NISTIR 8278, National Cybersecurity Online Informative References (OLIR) Program: Guidelines for OLIR Users and Developers.^[83]

⁸¹ NIST (2020a). Cybersecurity Framework: Informative Reference Catalog. 

⁸² Barrett, M., Keller, N., Quinn, S., Smith, M., and Scarfone, K. (2020, Nov). National Online Informative References (OLIR) Program: Submission Guidance for OLIR Developers (NISTIR 8278A), Gaithersburg, MD: NIST. 

⁸³ NIST (2020, Jan). National Cybersecurity Online Informative References (OLIR) Program: Guidelines for OLIR Users and Developers (NISTIR 8278), Gaithersburg, MD: Author.