| Author(s): |
Ronald S. Ross; L A. Johnson; |
| Title: |
NIST SP 800-37 Rev 1, Guide for Applying the Risk Management Framework to Federal Information Systems |
| Published: |
February 22, 2010 |
| Abstract: |
The purpose of SP 800-37 Rev 1 is to provide guidelines for applying the Risk Management Framework to federal information systems to include conducting the activities of security categorization, security control selection and implementation, security control assessment, information system authorization, and security control monitoring. |
| Citation: |
NIST SP - 800-37 Rev 1 |
| Pages: |
pp. 1 - 93 |
| Keywords: |
risk management framework; categorize; security controls; information systems; common controls; roles and responsibilities; security authorization; continuous monitoring; FISMA |
| Research Areas: |
NIST General, Computer Security, Standards |
| PDF version: |
 Click here to retrieve PDF version of paper (485KB) |
