U.S. flag   An unofficial archive of your favorite United States government website
This is an archive
(replace .gov by .rip)

National Online Informative References Program OLIR

SP800-37-Rev-2-to-Framework-v1.1 Informative Reference Details

Cybersecurity Framework

Informative Reference Information

Status:
Final

Informative Reference Version:
1.0.0

Focal Document Version:
1.1

Summary:
This publication describes the Risk Management Framework (RMF) and provides guidelines for applying the RMF to information systems and organizations. The RMF provides a disciplined, structured, and flexible process for managing security and privacy risk that includes information security categorization; control selection, implementation, and assessment; system and common control authorizations; and continuous monitoring.

Target Audience:
This publication serves individuals associated with the design, development, implementation, assessment, operation, maintenance, and disposition of information systems.

Comprehensive:
Yes

Comments:
N/A

Point of Contact:
olir@nist.gov

Category of Submitter:
Public Sector

Dependencies/Requirements:
N/A

Citations:
N/A

SHA3-256

bc8c42422fefb65af2f48a0945b905d064783815837972f57acab7a46c5bc386

Authority

Owner

Reference Document Author:
National Institute of Standards and Technology

Reference Document:
NIST Special Publication 800-37 Revision 2

Reference Document Date:
12/01/2018

Reference Document URL:
https://csrc.nist.rip/external/nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r2.pdf

Reference Developer:
National Institute of Standards and Technology

Posted Date:
November 23, 2021

Contacts

National Online Informative References Program
olir@nist.gov

Topics

Security and Privacy: testing & validation

Applications: cybersecurity framework

Created September 08, 2020, Updated December 08, 2021