NIST SP 800-37

E532552

NIST Special Publication cybersecurity guideline risk management framework document

NIST SP 800-37 is a key NIST cybersecurity guideline that defines the Risk Management Framework (RMF) for managing information security and privacy risk in federal information systems.

Try in SPARQL Jump to: Surface forms Statements Referenced by

All labels observed (2)

Label	Occurrences
NIST SP 800-37 canonical	2
DoD Risk Management Framework	1

Statements (46)

Predicate	Object
instanceOf	NIST Special Publication ⓘ cybersecurity guideline ⓘ risk management framework document ⓘ
alignsWith	FISMA requirements ⓘ NIST Cybersecurity Framework NERFINISHED ⓘ NIST SP 800-53 NERFINISHED ⓘ
alsoKnownAs	RMF 2.0 NERFINISHED ⓘ
appliesTo	federal agencies ⓘ federal information systems ⓘ
author	National Institute of Standards and Technology NERFINISHED ⓘ
countryOfOrigin	United States of America ⓘ surface form: United States
defines	Risk Management Framework NERFINISHED ⓘ
expandsScopeTo	organizations ⓘ
focusesOn	managing information security risk ⓘ managing privacy risk ⓘ
frameworkName	Risk Management Framework NERFINISHED ⓘ
integrates	cybersecurity risk management ⓘ privacy risk management ⓘ
language	English ⓘ
objective	improve information security posture of federal systems ⓘ integrate risk management into system life cycle ⓘ
provides	guidance for continuous monitoring ⓘ guidance for system authorization ⓘ
publicationYear	2010 ⓘ 2018 ⓘ
publisher	National Institute of Standards and Technology NERFINISHED ⓘ
relatedTo	NIST SP 800-30 NERFINISHED ⓘ NIST SP 800-39 NERFINISHED ⓘ NIST SP 800-53A NERFINISHED ⓘ
replacedBy	NIST SP 800-37 Revision 2 NERFINISHED ⓘ
series	NIST Special Publication 800-series NERFINISHED ⓘ
step	Assess ⓘ Authorize ⓘ Categorize ⓘ Implement ⓘ Monitor ⓘ Prepare ⓘ Select ⓘ
subject	information security risk management ⓘ privacy risk management ⓘ
title	Guide for Applying the Risk Management Framework to Federal Information Systems NERFINISHED ⓘ Guide for Applying the Risk Management Framework to Federal Information Systems and Organizations NERFINISHED ⓘ
usedBy	U.S. federal agencies NERFINISHED ⓘ
usedFor	authorization to operate decisions ⓘ
version	Revision 1 ⓘ Revision 2 ⓘ

Referenced by (3)

Full triples — surface form annotated when it differs from this entity's canonical label.

Special Publications → hasPart → NIST SP 800-37 ⓘ

Army cybersecurity operations policy → alignedWith → NIST SP 800-37 ⓘ

this entity surface form: DoD Risk Management Framework

NIST SP 800 series → includes → NIST SP 800-37 ⓘ