NIST Special Publication 800-37

NIST Special Publication 800-37, "Guide for Applying the Risk Management Framework to Federal Information Systems", was developed by the Joint Task Force Transformation Initiative Working Group. It aims to transform the traditional Certification and Accreditation (C&A) process into the six-step Risk Management Framework (RMF).

The second step of the RMF is to select the appropriate subset of security controls from the control catalog in NIST Special Publication 800-53.

This article is issued from Wikipedia, version of 3/27/2016. The text is available under the Creative Commons Attribution/Share Alike license, but additional terms may apply for the media files.