U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

SP 800-37 Rev. 1

Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach

Date Published: February 2010 (Updated 6/5/2014)

Supersedes: SP 800-37 Rev. 1 (02/22/2010)

Author(s)

Joint Task Force Transformation Initiative

Abstract

Keywords

risk management framework; roles and responsibilities; security authorization; information systems; common controls; FISMA; categorize; security controls; continuous monitoring
Control Families

Assessment, Authorization and Monitoring; Configuration Management; Planning; Program Management; Risk Assessment