Chapter 5

Applying the NIST risk management framework

Abstract

This chapter provides an overview of the Federal Information Security Modernization Act. It also gives a detailed review of the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) through an in-depth examination of each of the steps in the NIST RMF process.

Keywords

FISMA; NIST; RMF; security assessment report; security; risk management

Information in this chapter:

• Introduction to FISMA

• Risk Management Framework Overview

• NIST RMF Process

Introduction to FISMA

The Federal Information Security Modernization Act (FISMA)1 was signed into law on December 18, 2014, in Public Law 113-283. FISMA 2014 extended the provisions of FISMA 2002, which permanently reauthorized ...
