The purpose of this document is to provide an overview of the Risk Management Framework (RMF) codified in National Institute of Standards & Technology (NIST) Special Publication (SP) 800-37r1 for the Federal Energy Management Program (FEMP). This document, while accurate, is not an authoritative source on the management of federal information systems. However, the concepts and process discussed herein are representative of the data points used to compare the RMF with NIST’s Framework for Improving Critical Infrastructure Cybersecurity, otherwise known as the cybersecurity framework.
Revised: February 15, 2019 |
Published: November 30, 2018
Citation
Mylrea M.E., S.G. Gourisetti, M. Touhiduzzaman, M.D. Watson, and J.E. Castleberry. 2018.Risk Management Framework Process Map Richland, WA: Pacific Northwest National Laboratory.