Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Risk Management

Risk Management Framework: Quick Start Guides

The Risk Management Framework (RMF) provides a structured, yet flexible approach for managing the portion of risk resulting from the incorporation of systems into the mission and business processes of the organization.

The Quick Start Guides build on the NIST standards and guidance, consolidate information from various NIST publications, and provide sample ways to implement the standards and guidelines.

The figure below can be used to link to the relevant FIPS, SPs, and additional resources for the RMF steps.

SP 800-39 

The links below point to supporting materials for each RMF Step including Frequently Asked Questions, Roles and Responsibilities Charts, Tips and Techniques (Organization and System), and Perspectives (Management, Organization, and System).

The Quick Start Guides provide implementation guidance and examples on how to plan for, conduct, and document the results. While the guides provide examples and sample documentation, they are not mandatory nor do they prescribe required formats. Additional templates are available from other sources.

 

Created November 30, 2016, Updated May 20, 2019