Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

SP 800-37 Rev. 1

Guide for Applying the Risk Management Framework to Federal Information Systems: a Security Life Cycle Approach

Date Published: February 2010 (Updated 6/5/2014)

Planning Note (12/20/2018): This publication will be officially withdrawn on December 20, 2019. 

Superseded By: SP 800-37 Rev. 2 (12/20/2018)
Supersedes: SP 800-37 Rev. 1 (02/22/2010)

Author(s)

Joint Task Force Transformation Initiative

Abstract

Keywords

FISMA; risk management framework; roles and responsibilities; security authorization; categorize; security controls; information systems; continuous monitoring; common controls
Control Families

Security Assessment and Authorization; Configuration Management; Planning; Program Management; Risk Assessment;