Cybersecurity Framework
Status:
Final
Informative Reference Version:
1.0.0
Focal Document Version:
1.1
Summary:
This publication describes the Risk Management Framework (RMF) and provides guidelines for applying the RMF to information systems and organizations. The RMF provides a disciplined, structured, and flexible process for managing security and privacy risk that includes information security categorization; control selection, implementation, and assessment; system and common control authorizations; and continuous monitoring.
Target Audience:
This publication serves individuals associated with the design, development, implementation, assessment, operation, maintenance, and disposition of information systems.
Comprehensive:
Yes
Comments:
N/A
Point of Contact:
olir@nist.gov
Category of Submitter:
Public Sector
Dependencies/Requirements:
N/A
Citations:
N/A
bc8c42422fefb65af2f48a0945b905d064783815837972f57acab7a46c5bc386
Reference Document Author:
Reference Document:
NIST Special Publication 800-37 Revision 2
Reference Document Date:
12/01/2018
Reference Document URL:
https://csrc.nist.rip/external/nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r2.pdf
Reference Developer:
National Institute of Standards and Technology
Posted Date:
November 23, 2021