Date Published: February 2010 (Updated 6/5/2014)
Supersedes:
SP 800-37 Rev. 1 (02/22/2010)
Assessment, Authorization and Monitoring; Configuration Management; Planning; Program Management; Risk Assessment
Publication:
https://doi.org/10.6028/NIST.SP.800-37r1
Download URL
Supplemental Material:
Supplemental Guidance on Ongoing Authorization, (June 2014)
Press Release
Related NIST Publications:
Document History:
06/05/14: SP 800-37 Rev. 1 (Final)
audit & accountability, planning, risk assessment
Laws and RegulationsFederal Information Security Modernization Act, Homeland Security Presidential Directive 7, OMB Circular A-130