← Cybersecurity Alphabet Soup

RMF

Risk Management Framework

governancehard

NIST's structured process for managing security and privacy risk in information systems, moving through steps to prepare, categorize, select, implement, assess, authorize, and monitor. It is mandatory for US federal systems and culminates in the Authority to Operate decision. It replaced the older checklist mindset with continuous, risk-based authorization.

Sources

More in governance

Go deeper