The Risk Management Framework (RMF) is an approach to systems security management that adjusts security controls based on risk factors. The practice involves a continuous cycle of identifying new threats, choosing effective controls, measuring their effectiveness and improving system security.
Federal entities need to understand and utilize RMF as a core part of their FISMA compliance activities. RMF provides the outline for the security accreditation process and Authority to Operate (ATO) of government systems.
This white paper is written by government security and compliance expert Sean Sherman. You will learn about:
- The history and evolution of the RMF
- How to begin an RMF program
- Implementation considerations
- Tools to help
- Detailed reference list
Complete the form to see how to incorporate the Risk Management Framework into your federal government compliance actions.