NIST Special Publication 800-37
NIST Special Publication 800-37, "Guide for Applying the Risk Management Framework to Federal Information Systems" was developed by the Joint Task Force Transformation Initiative Working Group. It aims to transform the traditional Certification and Accreditation (C&A) process into the six-step Risk management framework (RMF).
The second step of the RMF is to select the appropriate subset of security controls from the control catalog in NIST Special Publication 800-53.
External links
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.