FIND ALL YOUR CYBER SECURITY ANSWERS ON OUR WIKI PAGE
The Cert2Connect wiki for a clear overview of terminology and the many abbreviations in the cyber, cloud and software security landscape.
NIST Risk Management Framework
The NIST Risk Management Framework (RMF) is a structured approach to identifying, assessing, controlling and monitoring information security risks within an organization.
The framework consists of six phases:
- Categorize: Identify systems and assets and determine the level of protection required.
- Select: Select appropriate security controls to mitigate risk.
- Implement: Implement the security controls in the systems and assets.
- Assess: Evaluate the effectiveness of the security controls to determine whether the security measures are adequate.
- Authorize: Decide whether the systems and assets are safe enough to put into production.
- Monitor: Continuously monitor and review security controls to ensure security continues to meet requirements.
The NIST RMF is a flexible framework and can be adapted to the specific needs of an organization. It is used by government agencies and businesses around the world.
Updated on 07 Aug, 2023