technical report/powerpoint presentatiom
Step 1: Review the Steps in the Risk Management Framework (RMF)
Task: View this topic
Last Visited Jun 18, 2021 6:12 PM
AY
In Project 1, we developed a risk
management plan and a security plan. Both
components are critical in documenting and
securing an information system. Secure
systems remain your objective in this
project, and NIST’s Risk Management
Framework (RMF) is your guide.
The Risk Management Framework outlines a
detailed process integrating information
security and risk management into the
system development life cycle. A risk-based
approach includes multiple steps, with the
ultimate goals to select, implement, assess,
and monitor security controls based on
system requirements and specifications in
accordance with best practices, standards,
and other guidance. The entire process
outlined in the following figure shows the
steps and the NIST documentation
supporting each one.
Risk Management Framework Process
For the purposes of this project, focus mainly
on the first three steps of the RMF process:
categorizing the system, selecting controls,
and implementing controls. You can learn
more about the full process by reading the
Risk Management Framework Overview on
NIST’s Computer Security Resource Center
website .
Now that you have reviewed the RMF
process, we can advance through the
activities leading to the implementation of
security controls for a typical information
system.
Activity Details
6/18/21, 6:15 PM Page 1 of 1