A structured approach used to oversee and manage risk for an enterprise.
Source(s):
NIST SP 800-12 Rev. 1 under Risk Management Framework (RMF) from CNSSI 4009
CNSSI 4009-2015 [Superseded]

  The Risk Management Framework (RMF), presented in NIST SP 800-37, provides a disciplined and structured process that integrates information security and risk management activities into the system development life cycle.
Source(s):
NIST SP 1800-10B under Risk Management Framework from NIST SP 800-82 Rev. 2, NIST SP 800-37 Rev. 2
NIST SP 1800-16B under Risk Management Framework
NIST SP 1800-16C under Risk Management Framework from NIST SP 800-82 Rev. 2
NIST SP 1800-16D under Risk Management Framework
NIST SP 1800-25B under Risk Management Framework from NIST SP 800-82 Rev. 2, NIST SP 800-37 Rev. 2
NIST SP 1800-26B under Risk Management Framework from NIST SP 800-82 Rev. 2, NIST SP 800-37 Rev. 2
NIST SP 800-82 Rev. 2 under Risk Management Framework from NIST SP 800-37
NISTIR 8323 under Risk Management Framework from NIST SP 800-37 Rev. 2

  The Risk Management Framework (RMF) provides a structured, yet flexible approach for managing the portion of risk resulting from the incorporation of systems into the mission and business processes of the organization.
Source(s):
NIST SP 1800-21B under Risk Management Framework from RMF Quick Start Guides