NIST SP 800-37 Guide for Applying the Risk Management Framework to Federal Information Systems is prepared by The National Institute of Standards and Technology
The purpose of SP 800-37 Rev 1 is to provide guidelines for applying the Risk Management Framework to federal information systems to include conducting the acti
This publication provides guidelines for applying the Risk Management Framework (RMF) to federal information systems. The six-step RMF includes security categor
NIST SP 800-37 Revision 2 - Discussion Draft - Released 28 Sept 2017 This publication provides guidelines for applying the Risk Management Framework (RMF) to in
The purpose of the system security plan is to provide an overview of the security requirements of the system and describe the controls in place or planned for m