- csrc home
- news & events
Welcome to the course “Applying the Risk Management Framework to Federal Information Systems”.
The purpose of this course is to provide people new to risk management with an overview of a methodology for managing organizational risk—the Risk Management Framework (RMF).
The RMF was developed by the National Institute for Standards and Technology (NIST) to help organizations manage risks to and from Information Technology (IT) systems more easily, efficiently and effectively.
This course describes at a high-level the importance of establishing an organization-wide risk management program, the information security legislation related to organizational risk management, the steps in the RMF, and the NIST publications related to each step.