NIST Risk Management Framework

Purpose: Implement the controls in the security and privacy plans for the system and organization

Outcomes:

RMF Quick Start Guide (QSG): Implement Step FAQs
Security Configuration Settings
Multiple Supporting NIST Publications include templates
- Examples include: SP 800-88, Guidelines for Media Sanitization, SP 800-34 Revision 1, Contingency Planning Guide for Federal Information Systems, Draft SP 800-47, Managing the Security of Information Exchanges

NIST SP 800-34, Contingency Planning Guide for Federal Information Systems

Discusses essential contingency plan elements and processes, highlights specific considerations and concerns associated with contingency planning for
various types of systems.
Provides examples to assist readers in developing their own system contingency plans.

NIST SP 800-61, Computer Security Incident Handling Guide

Assists organization in mitigating the risks from computer security incidents by
providing practical guidelines on responding to incidents effectively and efficiently.
Guidelines on establishing an effective incident response program, and detecting, analyzing, prioritizing, and handling incidents.

NIST SP 800-128, Guide for Security-Focused Configuration Management of Information Systems

Guidance focused on implementation of the system security aspects of configuration management, and as such the term security-focused configuration management (SecCM) is used to emphasize the concentration on information security.
Details the process of applying SecCM practices to systems is described; the goal of SecCM activities is to manage and monitor the configurations of systems to achieve adequate security and minimize organizational risk while supporting the desired business functionality and services.

Many additional NIST publications, available on the CSRC.