Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

SP 800-37 Rev. 1

Guide for Applying the Risk Management Framework to Federal Information Systems: a Security Life Cycle Approach

Date Published: February 2010 (Updated 6/5/2014)

Supersedes: SP 800-37 Rev. 1 (February 2010)

Author(s)

Joint Task Force Transformation Initiative

Abstract

Keywords

information systems; common controls; continuous monitoring; FISMA; risk management framework; roles and responsibilities; security authorization; categorize; security controls
Control Families

Security Assessment and Authorization; Configuration Management; Planning; Program Management; Risk Assessment;