Risk Management Framework for Information Systems and Organizations: NIST SP 800-37 Revision 2 by National Institute of Standards and Technology
English | December 22, 2018 | ASIN: B07MGMYRLT | 185 pages | PDF | 2.51 MB
NIST SP 800-37 Revision 2 - Released 20 December 2018
This publication provides guidelines for applying the Risk Management Framework (RMF) to information systems and organizations. The RMF includes a disciplined, structured, and flexible process for organizational asset valuation; security and privacy control selection, implementation, and assessment; system and control authorizations; and continuous monitoring. It also includes enterprise-level activities to help better prepare organizations to execute the RMF at the system level. The RMF promotes the concept of near real-time risk management and ongoing system authorization through the implementation of continuous monitoring processes; provides senior leaders and executives with the necessary information to make cost-effective, risk management decisions about the systems supporting their missions and business functions; and integrates security and privacy controls into the system development life cycle.
Why buy a book you can download for free?
First you gotta find a good clean (legible) copy and make sure it’s the latest version (not always easy). Some documents found on the web are missing some pages or the image quality is so poor, they are difficult to read. We look over each document carefully and replace poor quality images by going back to the original source document. We proof each document to make sure it’s all there – including all changes. If you find a good copy, you could print it using a network printer you share with 100 other people (typically it’s either out of paper or toner). If it’s just a 10-page document, no problem, but if it’s 250 pages, you will need to punch 3 holes in all those pages and put it in a 3-ring binder. Takes at least an hour.
It’s much more cost-effective to just order the latest version from Amazon.com.
This book is published by 4th Watch Books and includes copyright material. We publish compact, tightly-bound, full-size books (8 ½ by 11 inches), with glossy covers. 4th Watch Books is a Service Disabled Veteran-Owned Small Business (SDVOSB). If you like the service we provide, please leave a positive review on Amazon.com.
Other titles we print:
NIST SP 800-12 An Introduction to Information Security
NIST SP 800-18 Developing Security Plans for Federal Information Systems
NIST SP 800-31 Intrusion Detection Systems
NIST SP 800-34 Contingency Planning Guide for Federal Information Systems
NIST SP 800-35 Guide to Information Technology Security Services
NIST SP 800-39 Managing Information Security Risk
NIST SP 800-40 Guide to Enterprise Patch Management Technologies
NIST SP 800-41 Guidelines on Firewalls and Firewall Policy
NIST SP 800-44 Guidelines on Securing Public Web Servers
NIST SP 800-47 Security Guide for Interconnecting Information Technology Systems
NIST SP 800-48 Guide to Securing Legacy IEEE 802.11 Wireless Networks
NIST SP 800-53A Assessing Security and Privacy Controls