Risk Management Framework for Information Systems and Organizations: NIST SP 800-37 Revision 2

Author(s): National Institute of Standards and Technology

Format: PDF
Language: English
ISBN/ASIN: B07MGMYRLT
Upload Date: 12/24/2018 6:03:58 PM

NIST SP 800-37 Revision 2 – Released 20 December 2018

This publication provides guidelines for applying the Risk Management Framework (RMF) to information systems and organizations. The RMF includes a disciplined, structured, and flexible process for organizational asset valuation; security and privacy control selection, implementation, and assessment; system and control authorizations; and continuous monitoring. It also includes enterprise-level activities to help better prepare organizations to execute the RMF at the system level. The RMF promotes the concept of near real-time risk management and ongoing system authorization through the implementation of continuous monitoring processes; provides senior leaders and executives with the necessary information to make cost-effective, risk management decisions about the systems supporting their missions and business functions; and integrates security and privacy controls into the system development life cycle.

Why buy a book you can download for free?

First you gotta find a good clean (legible) copy and make sure it's the latest version (not always easy). Some documents found on the web are missing some pages, or the image quality is so poor that they are difficult to read. We look over each document carefully and replace poor quality images by going back to the original source document. We proof each document to make sure it's all there, including all changes. If you find a good copy, you could print it using a network printer you share with 100 other people (typically it's either out of paper or toner). If it's just a 10-page document, no problem, but if it's 250 pages, you will need to punch 3 holes in all those pages and put it in a 3-ring binder. Takes at least an hour.

It's much more cost-effective to just order the latest version from Amazon.com.

This book is published by 4th Watch Books and includes copyright material. We publish compact, tightly-bound, full-size books (8 by 11 inches), with glossy covers. 4th Watch Books is a Service Disabled Veteran-Owned Small Business (SDVOSB). If you like the service we provide, please leave a positive review on Amazon.com.

Other titles we print:

NIST SP 800-12 An Introduction to Information Security

NIST SP 800-18 Developing Security Plans for Federal Information Systems

NIST SP 800-31 Intrusion Detection Systems

NIST SP 800-34 Contingency Planning Guide for Federal Information Systems

NIST SP 800-35 Guide to Information Technology Security Services

NIST SP 800-39 Managing Information Security Risk

NIST SP 800-40 Guide to Enterprise Patch Management Technologies

NIST SP 800-41 Guidelines on Firewalls and Firewall Policy

NIST SP 800-44 Guidelines on Securing Public Web Servers

NIST SP 800-47 Security Guide for Interconnecting Information Technology Systems

NIST SP 800-48 Guide to Securing Legacy IEEE 802.11 Wireless Networks

NIST SP 800-53A Assessing Security and Privacy Controls
