Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Risk Management

Risk Management Framework (RMF) - Step 2: Select

The purpose of the Selection step is to identify, select, tailor, and document the security and privacy controls necessary to protect the system and the organization commensurate with the risk to organizational operations and assets, individuals, other organizations, and the Nation.

All links below point to PDF files for Step 2 - Select.

Frequently Asked Questions (FAQs)

Roles & Responsibilities

Quick Start Guides (QSGs)

Back to RMF 6 Step Chart 

Created November 30, 2016, Updated August 06, 2018