Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Risk Management

Risk Management Framework (RMF) - Step 1: Categorize

The purpose of the Categorization step is to guide and inform subsequent risk management processes and tasks by determining the adverse impact or consequences to the organization with respect to the compromise or loss of organizational assets—including the confidentiality, integrity, and availability of organizational systems and the information processed, stored, and transmitted by those systems.

All links below point to PDF files for Step 1 - Categorize

Frequently Asked Questions (FAQs)

Roles & Responsibilities

Quick Start Guides (QSGs)

Back to RMF 6 Step Chart 

Created November 30, 2016, Updated May 15, 2018