NIST Risk Management Framework
GPTKB entity
Statements (70)
| Predicate | Object |
|---|---|
| gptkbp:instance_of |
gptkb:Risk_Management
|
| gptkbp:applies_to |
Federal Information Systems
|
| gptkbp:based_on |
gptkb:NIST_Special_Publication_800-37
|
| gptkbp:communication |
Stakeholders
|
| gptkbp:developed_by |
gptkb:NIST
|
| gptkbp:emphasizes |
Risk Assessment Process
|
| gptkbp:facilitates |
Information Security Program Management
|
| https://www.w3.org/2000/01/rdf-schema#label |
NIST Risk Management Framework
|
| gptkbp:includes |
gptkb:Risk_Management
Continuous Monitoring Security Controls Selection |
| gptkbp:is_adopted_by |
State Governments
Supply Chain Risk Management |
| gptkbp:is_aligned_with |
gptkb:Federal_Information_Security_Modernization_Act_(FISMA)
Cybersecurity Best Practices National Institute of Standards and Technology Guidelines |
| gptkbp:is_applicable_to |
Private Sector Organizations
|
| gptkbp:is_critical_for |
Cybersecurity Risk Management
|
| gptkbp:is_documented_in |
gptkb:NIST_Special_Publication_800-37_Revision_1
gptkb:NIST_Special_Publication_800-37_Revision_2 gptkb:NIST_Special_Publication_800-39_Revision_1 |
| gptkbp:is_enhanced_by |
Stakeholder Engagement
Training and Awareness Programs Collaboration with Industry Partners Automated Risk Assessment Tools Continuous Monitoring Processes |
| gptkbp:is_evaluated_by |
gptkb:Best_Practices
Performance Metrics Risk Management Strategy Risk Assessments Third-Party Assessments Risk Tolerance Levels |
| gptkbp:is_guided_by |
gptkb:NIST_Special_Publication_800-30
gptkb:NIST_Special_Publication_800-53 |
| gptkbp:is_implemented_in |
Security Controls
|
| gptkbp:is_influenced_by |
gptkb:ISO/_IEC_27001
|
| gptkbp:is_informed_by |
gptkb:military_intelligence
Regulatory Requirements |
| gptkbp:is_integrated_with |
Incident Response Plans
Governance Frameworks Enterprise Risk Management Programs |
| gptkbp:is_part_of |
gptkb:Cybersecurity
NIST Risk Management Framework for Information Systems |
| gptkbp:is_promoted_by |
gptkb:NIST_Cybersecurity_Division
Cybersecurity Awareness Campaigns |
| gptkbp:is_promoted_through |
Workshops and Training Sessions
|
| gptkbp:is_reflected_in |
Risk Management Policies
System Security Plans Risk Management Framework Documentation |
| gptkbp:is_related_to |
Information Assurance
|
| gptkbp:is_reviewed_by |
Risk Management Committees
|
| gptkbp:is_supported_by |
gptkb:Cybersecurity
Risk Management Tools Risk Management Framework Implementation Guides Risk Management Framework Assessment Tools Risk Management Framework Community of Practice Risk Management Framework Tool |
| gptkbp:is_updated_by |
gptkb:NIST_Special_Publication_800-39
|
| gptkbp:is_used_by |
U. S. Government Agencies
|
| gptkbp:is_used_for |
Risk Management in Cloud Computing
|
| gptkbp:is_utilized_for |
Compliance Audits
Business Continuity Planning Data Protection Strategies |
| gptkbp:promotes |
Risk-based decision making
|
| gptkbp:provides |
Guidelines for integrating security and risk management activities
|
| gptkbp:purpose |
Manage risk in information systems
|
| gptkbp:supports |
Compliance with federal regulations
|
| gptkbp:bfsParent |
gptkb:NIST_SP_800-53
gptkb:NIST_Cybersecurity_Framework_Manufacturing_Profile |
| gptkbp:bfsLayer |
4
|