|
gptkbp:instanceOf
|
risk management framework
|
|
gptkbp:appliesTo
|
federal information systems
organizations seeking to manage cybersecurity risk
|
|
gptkbp:countryOfOrigin
|
gptkb:United_States
|
|
gptkbp:developedBy
|
gptkb:National_Institute_of_Standards_and_Technology
|
|
gptkbp:documentedIn
|
gptkb:NIST_Special_Publication_800-37
|
|
gptkbp:firstPublished
|
2010
|
|
gptkbp:focusesOn
|
security controls
privacy controls
|
|
gptkbp:fullName
|
National Institute of Standards and Technology Risk Management Framework
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
NIST RMF
|
|
gptkbp:latestReleaseVersion
|
gptkb:NIST_SP_800-37_Revision_2
December 2018
|
|
gptkbp:purpose
|
to provide a structured process for managing security and privacy risk
|
|
gptkbp:relatedStandard
|
gptkb:NIST_SP_800-53
gptkb:FISMA
gptkb:NIST_Cybersecurity_Framework
gptkb:NIST_SP_800-39
|
|
gptkbp:step
|
prepare
assess security controls
authorize information system
categorize information system
implement security controls
monitor security controls
select security controls
|
|
gptkbp:usedBy
|
gptkb:U.S._federal_agencies
contractors handling federal data
|
|
gptkbp:website
|
https://csrc.nist.gov/publications/detail/sp/800-37/rev-2/final
|
|
gptkbp:bfsParent
|
gptkb:NIST_Risk_Management_Framework
gptkb:Authorization_to_Operate_(ATO)
|
|
gptkbp:bfsLayer
|
7
|