Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Projects FISMA Implementation Project Risk Management Framework: Quick Start Guides

FISMA Implementation Project FISMA

Risk Management Framework (RMF) - Prepare

The Prepare Step is new in the NIST SP 800-37, Rev. 2.  

The purpose of the Prepare Step is to carry out essential activities at the organization, mission and business process, and information system levels of the enterprise to help prepare the organization to manage its security and privacy risks using the Risk Management Framework.

All links below point to PDF files for the Prepare Step 

Frequently Asked Questions (FAQs)

Roles and Responsibilities

Back to RMF Chart 

Contacts

Ron Ross
ron.ross@nist.gov

Victoria Yan Pillitteri
victoria.yan@nist.gov

Kelley Dempsey
kelley.dempsey@nist.gov

Eduardo Takamura
eduardo.takamura@nist.gov

Jeff Brewer
jeffrey.brewer@nist.gov

Jody Jacobs
jody.jacobs@nist.gov

Ned Goren
nedim.goren@nist.gov

Topics

Security and Privacy: risk management

Laws and Regulations: E-Government Act, Federal Information Security Modernization Act

Created November 30, 2016, Updated December 03, 2020