U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

ITL Bulletin

The Next Generation Risk Management Framework (RMF 2.0): A Holistic Methodology to Manage Information Security, Privacy and Supply Chain Risk

Date Published: February 2019

Editor(s)

Victoria Pillitteri (NIST)

Abstract

Keywords

authorization to operate; authorization to use; authorizing official; continuous monitoring; information security; ongoing authorization; plan of action and milestones; privacy; privacy plan; privacy risk; risk assessment; risk executive function; risk management; risk management framework; security; security assessment report; security engineering; security plan; security risk; supply chain risk management; system development life cycle
Control Families

Assessment, Authorization and Monitoring; Configuration Management; Planning; Program Management; Risk Assessment

Documentation

Publication:
February 2019 ITL Bulletin (pdf)

Supplemental Material:
None available

Related NIST Publications:
SP 800-37 Rev. 2

Document History:
02/28/19: ITL Bulletin (Final)