Tag - SP 800-37

Entries feed - Comments feed

Wednesday, October 3 2018

NIST SP 800-37 Rev.2: RMF for Information Systems and Organizations- FINAL DRAFT Open for Comments

This publication provides guidelines for applying the Risk Management Framework (RMF) to information systems and organizations. The RMF provides a disciplined, structured, and flexible process for managing security and privacy risk that includes information system categorization; control selection, implementation, and assessment; system and common control authorizations; and continuous monitoring.

Continue reading...