U.S. flag   An unofficial archive of your favorite United States government website

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Projects OLIR

National Online Informative References Program OLIR

SP800-37-Rev-2-to-Framework-v1.1 Informative Reference Details

Cybersecurity Framework

Download Informative Reference Resource

https://csrc.nist.rip/CSRC/media/Projects/olir/documents/submissions/SP800-37-Rev-2-to-Framework-v1.1.xlsx

Informative Reference Information

Status:
Final

Informative Reference Version:
1.0.0

Focal Document Version:
1.1

Summary:
This publication describes the Risk Management Framework (RMF) and provides guidelines for applying the RMF to information systems and organizations. The RMF provides a disciplined, structured, and flexible process for managing security and privacy risk that includes information security categorization; control selection, implementation, and assessment; system and common control authorizations; and continuous monitoring.

Target Audience:
This publication serves individuals associated with the design, development, implementation, assessment, operation, maintenance, and disposition of information systems.

Comprehensive:
Yes

Comments:
N/A

Point of Contact:
olir@nist.gov

Category of Submitter:
Public Sector

Dependencies/Requirements:
N/A

Citations:
N/A

Generate Relationship Report

SHA3-256

bc8c42422fefb65af2f48a0945b905d064783815837972f57acab7a46c5bc386

Authority

Owner

Reference Document Author:
National Institute of Standards and Technology

Reference Document:
NIST Special Publication 800-37 Revision 2

Reference Document Date:
12/01/2018

Reference Document URL:
https://csrc.nist.rip/external/nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r2.pdf

Reference Developer:
National Institute of Standards and Technology

Posted Date:
November 23, 2021

Contacts

National Online Informative References Program
olir@nist.gov

Topics

Security and Privacy: testing & validation

Applications: cybersecurity framework

Created September 08, 2020, Updated December 08, 2021