Chapter 7

Risk Management Framework Steps 1 & 2

Information in this chapter:

• Purpose and Objectives for Initial RMF Steps

• Standards and Guidance for Completing RMF Steps 1 & 2

• Tasks in RMF Step 1: Categorize Information System

• Tasks in RMF Step 2: Select Security Controls

Government regulations require all federal agencies to provide adequate security for all information collected, processed, transmitted, stored, or disseminated in federal information systems [1]. Because “adequate” means both risk based and cost effective, the level of security protection implemented for information systems varies across government organizations and, in some cases, within agencies as well. Despite the subjectivity of the adequate security requirement, FISMA ...
