Risk Management Framework Process Map
PNNL-28347
Prepared for the Federal Energy Management Program
November 2018
ME Mylrea, SNG Gourisetti, M Touhiduzzaman, MD Watson, JE Castleberry
Prepared for the U.S. Department of Energy under Contract DE-AC05-76RL01830
Acronyms and Abbreviations
AO      Authorizing Official
ISO     Information System Owner
ISSO    Information System Security Officer
NIST    National Institute of Standards & Technology
POA&M   Plan of Action and Milestones
RAR     Risk Assessment Report
RMF     Risk Management Framework
SAR     Security Assessment Report
SCA     Security Control Assessor
SCTM    Security Controls Traceability Matrix
SP      Special Publication
SSP     System Security Plan
Contents
Acronyms and Abbreviations
1.0 Introduction
2.0 The Risk Management Framework
3.0 RMF Roles and Responsibilities
4.0 RMF Step 1--Categorize Information System
5.0 RMF Step 2--Select Security Controls
6.0 RMF Step 3--Implement Security Controls
7.0 RMF Step 4--Assess Security Controls
8.0 RMF Step 5--Authorize Information System
9.0 RMF Step 6--Monitor Security Controls
10.0 References
Appendix A--Updates to the Risk Management Framework
Figures
1. RMF for Information and Platform Information Technology Systems
2. Document Mapping for RMF
3. Multi-Tiered Risk Management Strategy
Tables
1. RMF Step 1--Categorize Information System
2. RMF Step 2--Select Security Controls
3. RMF Step 3--Implement Security Controls
4. RMF Step 4--Assess Security Controls
5. RMF Step 5--Authorize Information System
6. RMF Step 6--Monitor Security Controls