U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

National Online Informative References Program OLIR

SP800-37-Rev-2-to-Framework-v1.1 Informative Reference Details

Cybersecurity Framework

Informative Reference Information

Status:
Final

Informative Reference Version:
1.0.0

Focal Document Version:
1.1

Summary:
This publication describes the Risk Management Framework (RMF) and provides guidelines for applying the RMF to information systems and organizations. The RMF provides a disciplined, structured, and flexible process for managing security and privacy risk that includes information security categorization; control selection, implementation, and assessment; system and common control authorizations; and continuous monitoring.

Target Audience:
This publication serves individuals associated with the design, development, implementation, assessment, operation, maintenance, and disposition of information systems.

Comprehensive:
Yes

Comments:
N/A

Point of Contact:
olir@nist.gov

Category of Submitter:
Public Sector

Dependencies/Requirements:
N/A

Citations:
N/A

SHA3-256

bc8c42422fefb65af2f48a0945b905d064783815837972f57acab7a46c5bc386

Authority

Owner

Reference Document Author:
National Institute of Standards and Technology

Reference Document:
NIST Special Publication 800-37 Revision 2

Reference Document Date:
12/01/2018

Reference Document URL:
https://csrc.nist.rip/external/nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r2.pdf

Reference Developer:
National Institute of Standards and Technology

Posted Date:
November 23, 2021

Contacts

National Online Informative References Program
olir@nist.gov

Topics

Security and Privacy: testing & validation

Applications: cybersecurity framework

Created September 08, 2020, Updated December 08, 2021