Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Risk Management

Risk Management Framework (RMF) - Categorize Step

The purpose of the Categorize Step is to guide and inform subsequent risk management processes and tasks by determining the adverse impact or consequences to the organization with respect to the compromise or loss of organizational assets—including the confidentiality, integrity, and availability of organizational systems and the information processed, stored, and transmitted by those systems.

All links below point to PDF files for the Categorize Step

Frequently Asked Questions (FAQs)

Roles and Responsibilities

Tips and Techniques and Perspectives

Back to RMF Chart 

Created November 30, 2016, Updated May 20, 2019