NIST Risk Management Framework

Risk Management Framework (RMF) - Authorize Step

At A Glance

Purpose: Provide accountability by requiring a senior official to determine if the security and privacy risk based on the operation of a system or the use of common controls, is acceptable.

Outcomes:

authorization package (executive summary, system security and privacy plan, assessment report(s), plan of action and milestones)
risk determination rendered
risk responses provided
authorization for the system or common controls is approved or denied

Resources for Implementers

RMF Quick Start Guide (QSG): Authorize Step FAQs

Supporting NIST Publications

There are additional supporting publications for the Authorize Step.

Back to About the RMF

Project Links

Overview FAQs News & Updates Events Publications Presentations

Additional Pages

Contacts

NIST Risk Management Framework Team
sec-cert@nist.gov

Information Technology Laboratory

Computer Security Resource Center

Computer Security Resource Center

NIST Risk Management Framework RMF

Project Links

Risk Management Framework (RMF) - Authorize Step

At A Glance

Resources for Implementers

Project Links

Additional Pages

Contacts

Group

Topics

Related Projects

Additional Pages

Contacts

Group

Topics

Related Projects