NIST logo

Publication Citation: NIST SP 800-37 Rev 1, Guide for Applying the Risk Management Framework to Federal Information Systems

NIST Authors in Bold

Author(s): Ronald S. Ross; L A. Johnson;
Title: NIST SP 800-37 Rev 1, Guide for Applying the Risk Management Framework to Federal Information Systems
Published: February 22, 2010
Abstract: The purpose of SP 800-37 Rev 1 is to provide guidelines for applying the Risk Management Framework to federal information systems to include conducting the activities of security categorization, security control selection and implementation, security control assessment, information system authorization, and security control monitoring.
Citation: NIST SP - 800-37 Rev 1
Pages: pp. 1 - 93
Keywords: risk management framework; categorize; security controls; information systems; common controls; roles and responsibilities; security authorization; continuous monitoring; FISMA
Research Areas: NIST General, Computer Security, Standards
PDF version: PDF Document Click here to retrieve PDF version of paper (497KB)