{"id":9093,"date":"2024-05-16T18:41:53","date_gmt":"2024-05-16T18:41:53","guid":{"rendered":"https:\/\/sajinshivdas.com\/cybersecurity\/?page_id=9093"},"modified":"2024-08-15T10:57:48","modified_gmt":"2024-08-15T10:57:48","slug":"nist-risk-management-framework-rmf","status":"publish","type":"page","link":"https:\/\/sajinshivdas.com\/cybersecurity\/nist-risk-management-framework-rmf\/","title":{"rendered":"NIST Risk Management Framework (RMF)"},"content":{"rendered":"[vc_row type=&#8221;full_width_content&#8221; full_screen_row_position=&#8221;middle&#8221; column_margin=&#8221;default&#8221; column_direction=&#8221;default&#8221; column_direction_tablet=&#8221;default&#8221; column_direction_phone=&#8221;default&#8221; bg_color=&#8221;#5b5b5b&#8221; bg_image=&#8221;10185&#8243; bg_position=&#8221;center center&#8221; background_image_loading=&#8221;default&#8221; bg_repeat=&#8221;no-repeat&#8221; scene_position=&#8221;center&#8221; top_padding=&#8221;12%&#8221; constrain_group_1=&#8221;yes&#8221; bottom_padding=&#8221;12%&#8221; left_padding_desktop=&#8221;10%&#8221; constrain_group_2=&#8221;yes&#8221; right_padding_desktop=&#8221;10%&#8221; top_padding_tablet=&#8221;25%&#8221; text_color=&#8221;light&#8221; text_align=&#8221;left&#8221; row_border_radius=&#8221;none&#8221; row_border_radius_applies=&#8221;bg&#8221; overflow=&#8221;visible&#8221; enable_gradient=&#8221;true&#8221; color_overlay=&#8221;rgba(10,10,10,0.4)&#8221; color_overlay_2=&#8221;#0a0a0a&#8221; advanced_gradient_angle=&#8221;0&#8243; overlay_strength=&#8221;0.95&#8243; gradient_direction=&#8221;top_to_bottom&#8221; shape_divider_position=&#8221;bottom&#8221; bg_image_animation=&#8221;zoom-out-slow&#8221; parallax_bg=&#8221;true&#8221; parallax_bg_speed=&#8221;fast&#8221; gradient_type=&#8221;default&#8221; shape_type=&#8221;&#8221;][vc_column column_padding=&#8221;no-extra-padding&#8221; column_padding_tablet=&#8221;inherit&#8221; column_padding_phone=&#8221;inherit&#8221; column_padding_position=&#8221;all&#8221; column_element_direction_desktop=&#8221;default&#8221; column_element_spacing=&#8221;0px&#8221; centered_text=&#8221;true&#8221; desktop_text_alignment=&#8221;default&#8221; tablet_text_alignment=&#8221;default&#8221; phone_text_alignment=&#8221;default&#8221; background_color_opacity=&#8221;1&#8243; background_hover_color_opacity=&#8221;1&#8243; column_backdrop_filter=&#8221;none&#8221; column_shadow=&#8221;none&#8221; column_border_radius=&#8221;none&#8221; column_link_target=&#8221;_self&#8221; column_position=&#8221;default&#8221; advanced_gradient_angle=&#8221;0&#8243; gradient_direction=&#8221;left_to_right&#8221; overlay_strength=&#8221;0.3&#8243; width=&#8221;1\/1&#8243; tablet_width_inherit=&#8221;default&#8221; animation_type=&#8221;default&#8221; bg_image_animation=&#8221;none&#8221; border_type=&#8221;simple&#8221; column_border_width=&#8221;none&#8221; column_border_style=&#8221;solid&#8221; gradient_type=&#8221;default&#8221;][vc_row_inner column_margin=&#8221;none&#8221; column_direction=&#8221;default&#8221; column_direction_tablet=&#8221;default&#8221; column_direction_phone=&#8221;default&#8221; text_align=&#8221;left&#8221; row_position=&#8221;default&#8221; row_position_tablet=&#8221;inherit&#8221; row_position_phone=&#8221;inherit&#8221; zindex=&#8221;100&#8243; overflow=&#8221;visible&#8221; pointer_events=&#8221;all&#8221;][vc_column_inner column_padding=&#8221;no-extra-padding&#8221; column_padding_tablet=&#8221;inherit&#8221; column_padding_phone=&#8221;inherit&#8221; column_padding_position=&#8221;all&#8221; column_element_direction_desktop=&#8221;default&#8221; column_element_spacing=&#8221;default&#8221; desktop_text_alignment=&#8221;default&#8221; tablet_text_alignment=&#8221;default&#8221; phone_text_alignment=&#8221;default&#8221; background_color_opacity=&#8221;1&#8243; background_hover_color_opacity=&#8221;1&#8243; column_backdrop_filter=&#8221;none&#8221; column_shadow=&#8221;none&#8221; column_border_radius=&#8221;none&#8221; column_link_target=&#8221;_self&#8221; overflow=&#8221;visible&#8221; gradient_direction=&#8221;left_to_right&#8221; overlay_strength=&#8221;0.3&#8243; width=&#8221;1\/1&#8243; tablet_width_inherit=&#8221;default&#8221; animation_type=&#8221;default&#8221; bg_image_animation=&#8221;none&#8221; border_type=&#8221;simple&#8221; column_border_width=&#8221;none&#8221; column_border_style=&#8221;solid&#8221;][split_line_heading animation_type=&#8221;line-reveal-by-space&#8221; font_style=&#8221;h1&#8243; line_reveal_by_space_text_effect=&#8221;letter-reveal-bottom&#8221; stagger_animation=&#8221;true&#8221; content_alignment=&#8221;default&#8221; mobile_content_alignment=&#8221;inherit&#8221; link_target=&#8221;_self&#8221; text_content=&#8221;NIST Risk Management Framework (RMF) Mindmap&#8221; font_size=&#8221;8vw&#8221;][\/split_line_heading][\/vc_column_inner][\/vc_row_inner][vc_row_inner column_margin=&#8221;default&#8221; column_direction=&#8221;default&#8221; column_direction_tablet=&#8221;default&#8221; column_direction_phone=&#8221;default&#8221; top_padding=&#8221;1%&#8221; constrain_group_1=&#8221;yes&#8221; bottom_padding=&#8221;1%&#8221; left_padding_desktop=&#8221;25%&#8221; constrain_group_2=&#8221;yes&#8221; right_padding_desktop=&#8221;25%&#8221; text_align=&#8221;left&#8221; row_position=&#8221;default&#8221; row_position_tablet=&#8221;inherit&#8221; row_position_phone=&#8221;inherit&#8221; overflow=&#8221;visible&#8221; pointer_events=&#8221;all&#8221;][vc_column_inner column_padding=&#8221;no-extra-padding&#8221; column_padding_tablet=&#8221;inherit&#8221; column_padding_phone=&#8221;inherit&#8221; column_padding_position=&#8221;all&#8221; column_element_direction_desktop=&#8221;default&#8221; column_element_spacing=&#8221;default&#8221; desktop_text_alignment=&#8221;default&#8221; tablet_text_alignment=&#8221;default&#8221; phone_text_alignment=&#8221;default&#8221; background_color_opacity=&#8221;1&#8243; background_hover_color_opacity=&#8221;1&#8243; column_backdrop_filter=&#8221;none&#8221; column_shadow=&#8221;none&#8221; column_border_radius=&#8221;none&#8221; column_link_target=&#8221;_self&#8221; overflow=&#8221;visible&#8221; advanced_gradient_angle=&#8221;0&#8243; gradient_direction=&#8221;left_to_right&#8221; overlay_strength=&#8221;0.3&#8243; width=&#8221;1\/1&#8243; tablet_width_inherit=&#8221;default&#8221; animation_type=&#8221;default&#8221; enable_animation=&#8221;true&#8221; animation=&#8221;fade-in-from-bottom&#8221; animation_easing=&#8221;default&#8221; bg_image_animation=&#8221;none&#8221; border_type=&#8221;simple&#8221; column_border_width=&#8221;none&#8221; column_border_style=&#8221;solid&#8221; gradient_type=&#8221;default&#8221; delay=&#8221;300&#8243;][divider line_type=&#8221;Vertical Line&#8221; divider_color=&#8221;white&#8221; custom_height=&#8221;50&#8243; custom_height_tablet=&#8221;25&#8243;][\/vc_column_inner][\/vc_row_inner][vc_row_inner column_margin=&#8221;default&#8221; column_direction=&#8221;default&#8221; column_direction_tablet=&#8221;default&#8221; column_direction_phone=&#8221;default&#8221; left_padding_desktop=&#8221;30%&#8221; constrain_group_2=&#8221;yes&#8221; right_padding_desktop=&#8221;30%&#8221; left_padding_tablet=&#8221;15%&#8221; constrain_group_4=&#8221;yes&#8221; right_padding_tablet=&#8221;15%&#8221; left_padding_phone=&#8221;8%&#8221; constrain_group_6=&#8221;yes&#8221; right_padding_phone=&#8221;8%&#8221; text_align=&#8221;left&#8221; row_position=&#8221;default&#8221; row_position_tablet=&#8221;inherit&#8221; row_position_phone=&#8221;inherit&#8221; overflow=&#8221;visible&#8221; pointer_events=&#8221;all&#8221;][vc_column_inner column_padding=&#8221;no-extra-padding&#8221; column_padding_tablet=&#8221;inherit&#8221; column_padding_phone=&#8221;inherit&#8221; column_padding_position=&#8221;all&#8221; column_element_direction_desktop=&#8221;default&#8221; column_element_spacing=&#8221;default&#8221; desktop_text_alignment=&#8221;default&#8221; tablet_text_alignment=&#8221;default&#8221; phone_text_alignment=&#8221;default&#8221; background_color_opacity=&#8221;1&#8243; background_hover_color_opacity=&#8221;1&#8243; column_backdrop_filter=&#8221;none&#8221; column_shadow=&#8221;none&#8221; column_border_radius=&#8221;none&#8221; column_link_target=&#8221;_self&#8221; overflow=&#8221;visible&#8221; gradient_direction=&#8221;left_to_right&#8221; overlay_strength=&#8221;0.3&#8243; width=&#8221;1\/1&#8243; tablet_width_inherit=&#8221;default&#8221; animation_type=&#8221;default&#8221; bg_image_animation=&#8221;none&#8221; border_type=&#8221;simple&#8221; column_border_width=&#8221;none&#8221; column_border_style=&#8221;solid&#8221;][split_line_heading animation_type=&#8221;line-reveal-by-space&#8221; font_style=&#8221;p&#8221; line_reveal_by_space_text_effect=&#8221;default&#8221; stagger_animation=&#8221;true&#8221; content_alignment=&#8221;default&#8221; mobile_content_alignment=&#8221;inherit&#8221; link_target=&#8221;_self&#8221; text_content=&#8221;Risk Management Framework for Systems and Organizations based on NIST Special Publication (SP) 800-37, Revision 2&#8243; font_size=&#8221;1.1vw&#8221; font_line_height=&#8221;1.6&#8243; animation_delay=&#8221;500&#8243; animation_offset=&#8221;100%&#8221; font_size_tablet=&#8221;18&#8243; font_size_phone=&#8221;16&#8243;][\/split_line_heading][\/vc_column_inner][\/vc_row_inner][\/vc_column][\/vc_row][vc_row type=&#8221;full_width_background&#8221; full_screen_row_position=&#8221;middle&#8221; column_margin=&#8221;default&#8221; column_direction=&#8221;default&#8221; column_direction_tablet=&#8221;default&#8221; column_direction_phone=&#8221;default&#8221; bg_color=&#8221;#5e5e5e&#8221; scene_position=&#8221;center&#8221; top_padding=&#8221;5%&#8221; bottom_padding=&#8221;5%&#8221; text_color=&#8221;dark&#8221; text_align=&#8221;left&#8221; row_border_radius=&#8221;none&#8221; row_border_radius_applies=&#8221;bg&#8221; overflow=&#8221;visible&#8221; id=&#8221;features&#8221; row_name=&#8221;Features&#8221; overlay_strength=&#8221;0.3&#8243; gradient_direction=&#8221;left_to_right&#8221; shape_divider_position=&#8221;bottom&#8221; bg_image_animation=&#8221;none&#8221; gradient_type=&#8221;default&#8221; shape_type=&#8221;&#8221;][vc_column column_padding=&#8221;padding-11-percent&#8221; column_padding_tablet=&#8221;inherit&#8221; column_padding_phone=&#8221;inherit&#8221; column_padding_position=&#8221;left-right&#8221; column_element_direction_desktop=&#8221;default&#8221; column_element_spacing=&#8221;default&#8221; desktop_text_alignment=&#8221;default&#8221; tablet_text_alignment=&#8221;default&#8221; phone_text_alignment=&#8221;default&#8221; background_color_opacity=&#8221;1&#8243; background_hover_color_opacity=&#8221;1&#8243; column_backdrop_filter=&#8221;none&#8221; column_shadow=&#8221;none&#8221; column_border_radius=&#8221;none&#8221; column_link_target=&#8221;_self&#8221; column_position=&#8221;default&#8221; gradient_direction=&#8221;left_to_right&#8221; overlay_strength=&#8221;0.3&#8243; width=&#8221;1\/1&#8243; tablet_width_inherit=&#8221;default&#8221; animation_type=&#8221;default&#8221; bg_image_animation=&#8221;none&#8221; border_type=&#8221;simple&#8221; column_border_width=&#8221;none&#8221; column_border_style=&#8221;solid&#8221;][vc_row_inner column_margin=&#8221;default&#8221; column_direction=&#8221;default&#8221; column_direction_tablet=&#8221;default&#8221; column_direction_phone=&#8221;default&#8221; text_align=&#8221;left&#8221; row_position=&#8221;default&#8221; row_position_tablet=&#8221;inherit&#8221; row_position_phone=&#8221;inherit&#8221; overflow=&#8221;visible&#8221; pointer_events=&#8221;all&#8221;][vc_column_inner column_padding=&#8221;no-extra-padding&#8221; column_padding_tablet=&#8221;inherit&#8221; column_padding_phone=&#8221;inherit&#8221; column_padding_position=&#8221;all&#8221; column_element_direction_desktop=&#8221;default&#8221; column_element_spacing=&#8221;default&#8221; centered_text=&#8221;true&#8221; desktop_text_alignment=&#8221;default&#8221; tablet_text_alignment=&#8221;default&#8221; phone_text_alignment=&#8221;default&#8221; background_color_opacity=&#8221;1&#8243; background_hover_color_opacity=&#8221;1&#8243; column_backdrop_filter=&#8221;none&#8221; column_shadow=&#8221;none&#8221; column_border_radius=&#8221;none&#8221; column_link_target=&#8221;_self&#8221; overflow=&#8221;visible&#8221; gradient_direction=&#8221;left_to_right&#8221; overlay_strength=&#8221;0.3&#8243; width=&#8221;1\/1&#8243; tablet_width_inherit=&#8221;default&#8221; animation_type=&#8221;default&#8221; enable_animation=&#8221;true&#8221; animation=&#8221;fade-in&#8221; animation_easing=&#8221;default&#8221; bg_image_animation=&#8221;none&#8221; border_type=&#8221;simple&#8221; column_border_width=&#8221;none&#8221; column_border_style=&#8221;solid&#8221;][vc_column_text css=&#8221;.vc_custom_1715878930655{margin-top: 50px !important;margin-bottom: 15px !important;}&#8221;]\n<h2><span style=\"color: #ffffff;\">7 Steps of Risk Mangement Framework\u00a0<\/span><\/h2>\n<h4><span style=\"color: #ffffff;\">RMF Steps, Purpose and Tasks.<\/span><\/h4>\n[\/vc_column_text][\/vc_column_inner][\/vc_row_inner][vc_row_inner column_margin=&#8221;default&#8221; column_direction=&#8221;default&#8221; column_direction_tablet=&#8221;default&#8221; column_direction_phone=&#8221;default&#8221; text_align=&#8221;left&#8221; row_position=&#8221;default&#8221; row_position_tablet=&#8221;inherit&#8221; row_position_phone=&#8221;inherit&#8221; overflow=&#8221;visible&#8221; pointer_events=&#8221;all&#8221;][vc_column_inner column_padding=&#8221;no-extra-padding&#8221; column_padding_tablet=&#8221;inherit&#8221; column_padding_phone=&#8221;inherit&#8221; column_padding_position=&#8221;all&#8221; column_element_direction_desktop=&#8221;default&#8221; column_element_spacing=&#8221;default&#8221; desktop_text_alignment=&#8221;default&#8221; tablet_text_alignment=&#8221;default&#8221; phone_text_alignment=&#8221;default&#8221; background_color_opacity=&#8221;1&#8243; background_hover_color_opacity=&#8221;1&#8243; column_backdrop_filter=&#8221;none&#8221; column_shadow=&#8221;none&#8221; column_border_radius=&#8221;none&#8221; column_link_target=&#8221;_self&#8221; overflow=&#8221;visible&#8221; gradient_direction=&#8221;left_to_right&#8221; overlay_strength=&#8221;0.3&#8243; width=&#8221;1\/1&#8243; tablet_width_inherit=&#8221;default&#8221; animation_type=&#8221;default&#8221; enable_animation=&#8221;true&#8221; animation=&#8221;fade-in-from-bottom&#8221; animation_easing=&#8221;default&#8221; bg_image_animation=&#8221;none&#8221; border_type=&#8221;simple&#8221; column_border_width=&#8221;none&#8221; column_border_style=&#8221;solid&#8221;][nectar_image_with_hotspots image=&#8221;10185&#8243; preview=&#8221;https:\/\/sajinshivdas.com\/cybersecurity\/wp-content\/uploads\/2024\/05\/Black-Doodle-Tools-for-Generating-Ideas-Mind-Map.png&#8221; color_1=&#8221;Accent-Color&#8221; hotspot_icon=&#8221;numerical&#8221; tooltip=&#8221;hover&#8221; tooltip_shadow=&#8221;large_depth&#8221; animation=&#8221;true&#8221;][nectar_hotspot left=&#8221;40.6868%&#8221; top=&#8221;14.9282%&#8221; position=&#8221;right&#8221;]\n<h5 style=\"color: #227bf7;\">Purpose<\/h5>\n<p>Carry out essential activities at all three risk management levels to help prepare the organization to manage its security and privacy risks using the RMF<\/p>\n<h5 style=\"color: #227bf7;\">Organization and Mission\/Business Process Level Tasks<\/h5>\n<p>P-1: Risk Management Roles|P-2: Risk Management Strategy|P-3: Risk Assessment &#8211; Organization|P-4: Organizationally-tailored Control Baselines and CSF Profiles (optional)|P-5: Common Control Identification|P-6: Impact Level Prioritization (optional)|P-7: Continuous Monitoring Strategy &#8211; Organization<\/p>\n<h5 style=\"color: #227bf7;\">System Level Tasks (NEW)<\/h5>\n<p>P-8: Mission or Business Focus|P-9: System Stakeholders|P-10: Asset Identification|P-11: Authorization Boundary|P-12: Information Types|P-13: Information Life Cycle|P-14: Risk Assessment &#8211; System|P-15: Requirements Definition|P-16: Enterprise Architecture|P-17: Requirements Allocation|P-18: System Registration[\/nectar_hotspot][nectar_hotspot left=&#8221;68.7088%&#8221; top=&#8221;28.7802%&#8221; position=&#8221;bottom&#8221;]\n<h5 style=\"color: #227bf7;\">Purpose<\/h5>\n<p>Inform organizational risk management processes and tasks by determining the adverse impact of the loss of confidentiality, integrity, and availability of organizational systems and information to the organization<\/p>\n<h5 style=\"color: #227bf7;\">Tasks<\/h5>\n<p>C-1:System Description | C-2:Security Categorization | C-3:Security Categorization Review and Approval (NEW)[\/nectar_hotspot][nectar_hotspot left=&#8221;75.4381%&#8221; top=&#8221;53.9089%&#8221; position=&#8221;left&#8221;]\n<h5 style=\"color: #227bf7;\">Purpose<\/h5>\n<p>Select, tailor, and document the controls necessary to protect the system and organization commensurate with risk to organizational operations and assets, individuals, and the Nation.<\/p>\n<h5 style=\"color: #227bf7;\">Tasks<\/h5>\n<p>S-1:Control Selection | S-2: Control Tailoring (NEW) | S-3:Control Allocation (REVISED) | S-4:Document Planned Control Implementations (NEW) | S-5:Continuous Monitoring Strategy \u2013 System (REVISED) |S-6:Plan Review and Approval[\/nectar_hotspot][nectar_hotspot left=&#8221;68.7206%&#8221; top=&#8221;79.8249%&#8221; position=&#8221;top&#8221;]\n<h5 style=\"color: #227bf7;\">Purpose<\/h5>\n<p>Acccomplish the activities necessary to translate the security and privacy controls identified in the system security plan into an effective implementation<\/p>\n<h5 style=\"color: #227bf7;\">Tasks<\/h5>\n<p>I-1: Control Implementation | I-2: Update Control Implementation Information\u200b (REVISED)[\/nectar_hotspot][nectar_hotspot left=&#8221;12.3233%&#8221; top=&#8221;79.1382%&#8221; position=&#8221;right&#8221;]\n<h5 style=\"color: #227bf7;\">Purpose<\/h5>\n<p>Determine if the controls selected for implementation are implemented correctly, operating as intended, and producing the desired outcome with respect to meeting the security and privacy requirements for the system and organization<\/p>\n<h5 style=\"color: #227bf7;\">Tasks<\/h5>\n<p>A-1:Assessor Selection (NEW) | A-2:Assessment Plan | A-3:Control Assessments (MOVED) | A-4:Assessment Reports | A-5:Remediation Actions | A-6:Plan of Action and Milestones (MOVED)[\/nectar_hotspot][nectar_hotspot left=&#8221;7.5749%&#8221; top=&#8221;53.6033%&#8221; position=&#8221;right&#8221;]\n<h5 style=\"color: #227bf7;\">Purpose<\/h5>\n<p>Provide accountability by requiring a senior management official to determine if the security and privacy risk to organizational operations and assets, individuals, other organizations, or the Nation of operating a system or the use of common controls, is acceptable<\/p>\n<h5 style=\"color: #227bf7;\">Tasks<\/h5>\n<p>R-1:Authorization Package | R-2:Risk Analysis and Determination (REVISED) | R-3:Risk Response (NEW) | R-4:Authorization Decision (NEW) | R-5:Authorization Reporting[\/nectar_hotspot][nectar_hotspot left=&#8221;11.5296%&#8221; top=&#8221;29.0859%&#8221; position=&#8221;bottom&#8221;]\n<h5 style=\"color: #227bf7;\">Purpose<\/h5>\n<p>Maintain an ongoing situational awareness about the security and privacy posture of the system and the organization in support of risk management decisions<\/p>\n<h5 style=\"color: #227bf7;\">Tasks<\/h5>\n<p>M-1:System and Environment Changes | M-2:Ongoing Assessments | M-3:Ongoing Risk Response | M-4:Authorization Package Updates | M-5:Security and Privacy Reporting | M-6:Ongoing Authorization | M-7:System Disposal[\/nectar_hotspot][\/nectar_image_with_hotspots][\/vc_column_inner][\/vc_row_inner][\/vc_column][\/vc_row][vc_row type=&#8221;full_width_background&#8221; full_screen_row_position=&#8221;middle&#8221; column_margin=&#8221;default&#8221; column_direction=&#8221;default&#8221; column_direction_tablet=&#8221;default&#8221; column_direction_phone=&#8221;default&#8221; bg_color=&#8221;#5e5e5e&#8221; scene_position=&#8221;center&#8221; text_color=&#8221;dark&#8221; text_align=&#8221;left&#8221; row_border_radius=&#8221;none&#8221; row_border_radius_applies=&#8221;bg&#8221; overflow=&#8221;visible&#8221; id=&#8221;Related Mindmaps&#8221; overlay_strength=&#8221;0.3&#8243; gradient_direction=&#8221;left_to_right&#8221; shape_divider_position=&#8221;bottom&#8221; bg_image_animation=&#8221;none&#8221; bg_type=&#8221;image&#8221; parallax_style=&#8221;vcpb-default&#8221; bg_image_new=&#8221;id^9277|url^https:\/\/sajinshivdas.com\/cybersecurity\/wp-content\/uploads\/2024\/01\/www.sajinshivdas.comforensics-2.png|caption^null|alt^Types _of_forensics_01|title^Types _of_forensics|description^null&#8221; gradient_type=&#8221;default&#8221; shape_type=&#8221;&#8221;][vc_column column_padding=&#8221;no-extra-padding&#8221; column_padding_tablet=&#8221;inherit&#8221; column_padding_phone=&#8221;inherit&#8221; column_padding_position=&#8221;all&#8221; column_element_direction_desktop=&#8221;default&#8221; column_element_spacing=&#8221;default&#8221; desktop_text_alignment=&#8221;default&#8221; tablet_text_alignment=&#8221;default&#8221; phone_text_alignment=&#8221;default&#8221; background_color_opacity=&#8221;1&#8243; background_hover_color_opacity=&#8221;1&#8243; column_backdrop_filter=&#8221;none&#8221; column_shadow=&#8221;none&#8221; column_border_radius=&#8221;none&#8221; column_link_target=&#8221;_self&#8221; column_position=&#8221;default&#8221; gradient_direction=&#8221;left_to_right&#8221; overlay_strength=&#8221;0.3&#8243; width=&#8221;1\/1&#8243; tablet_width_inherit=&#8221;default&#8221; animation_type=&#8221;default&#8221; bg_image_animation=&#8221;none&#8221; border_type=&#8221;simple&#8221; column_border_width=&#8221;none&#8221; column_border_style=&#8221;solid&#8221;][vc_column_text css=&#8221;.vc_custom_1715884588098{margin-bottom: 50px !important;}&#8221;]\n<h1 style=\"text-align: center;\"><span style=\"color: #ffffff;\">NIST-Risk Manangement Framework Mindmap<\/span><\/h1>\n[\/vc_column_text][vc_raw_html]JTNDaWZyYW1lJTBBJTA5d2lkdGglM0QlMjIxNTAlMjUlMjIlMEElMDloZWlnaHQlM0QlMjIxNTAwJTIyJTBBJTA5Ym9yZGVyJTNEJTIyMCUyMiUwQSUwOXNjcm9sbGluZyUzRCUyMm5vJTIyJTBBJTA5c3R5bGUlM0QlMjJib3JkZXIlM0ElMjBub25lJTNCJTIyJTBBJTA5c3JjJTNEJTIyaHR0cHMlM0ElMkYlMkZpb2N0b3B1cy5vbmxpbmUlMkZzaC03MmYxNmIyZDQ1MmY3ZjEyJTNGbWVudWJhciUzRDAlMjZwYW5lbE1haW4lM0QwJTI2cGFuZWxUaGVtZXMlM0QwJTI2cGFuZWxJY29ucyUzRDAlMjZwYW5lbENvbG9ycyUzRG9wZW4lMjZmcmVlemVQYW5lbHMlM0QxJTI2aXNvbGF0ZSUzRDElMjZzY3JvbGxhYmxlJTNEMCUyNnJvdW5kZWRQYW5lbHMlM0QxJTIyJTBBJTNFJTNDJTJGaWZyYW1lJTNF[\/vc_raw_html][nectar_btn size=&#8221;large&#8221; open_new_tab=&#8221;true&#8221; button_style=&#8221;regular&#8221; button_color_2=&#8221;Accent-Color&#8221; color_override=&#8221;#ff1053&#8243; icon_family=&#8221;none&#8221; text=&#8221;Full Screen&#8221; url=&#8221;https:\/\/sajinshivdas.com\/cybersecurity\/nist-rmf\/&#8221;]\r\n\t\t\t<div class=\"ult_dual_button  ult-adjust-bottom-margin to-center  \"  data-response=\"on\" id=\"ult_btn_3336523019\">\r\n\r\n\t\t\t<div id=\"dualbtn-2909\" class=\"ulitmate_dual_buttons ult-dual-btn ult_main_dualbtn \" data-bcolor=\"#333333\"data-bhcolor=\"\">\r\n\r\n\t\t\t<div class=\"ult_dualbutton-wrapper btn-inline place-template bt1 \"><a href=\"https:\/\/sajinshivdas.com\/cybersecurity\/wp-content\/uploads\/2024\/05\/NIST_RMF_PDF.zip\" target=\"_blank\" rel=\"noopener\"  class=\"ult_ivan_button round-square with-icon icon-before with-text place-template ult_dual1\" style=\";margin-right:px;;background-color:#000000 !important;; border-color:#333333;border-style:;border-width:0px;border-radius:px;;\">\r\n\t\t\t<span class=\"ult-dual-btn-1 Style 1\" style=\"\"  data-bgcolor=\"#000000\" data-bghovercolor=\"#3452ff\" data-icon_color=\"#333333\" data-icon_hover_color=\"#333333\" data-textcolor=\"#ffffff\" data-texthovercolor=\"#ffffff\" data-iconbgcolor=\"transperent\" data-iconbghovercolor=\"transperent\" data-iconborder=\"transperent\" data-iconhoverborder=\"transperent\" >\r\n\t\t\t<span class=\"icon-simple icon-left1 ult_btn1span \"  style=\"; \">\n<span class=\"aio-icon btn1icon none \"  style=\"color:#333333;font-size:32px;\">\n\t<i class=\"awesome-file-pdf-o\" ><\/i>\n<\/span><\/span>\r\n\t\t\t<span class=\"text-btn ult-dual-button-title ult-responsive\"  data-ultimate-target='#dualbtn-2909 .ult-dual-button-title'  data-responsive-json-new='{\"font-size\":\"desktop:15px;\",\"line-height\":\"desktop:15px;\"}'  style=\"font-weight:bold;color:#ffffff;\">Download PDF Format<\/span>\r\n\r\n\t\t\t<\/span>\r\n\t\t\t<\/a><span class=\"middle-text\" style=\"line-height: 1.8em;color:#ffffff;background-color:#333333;border-width:0px;\">\r\n\t\t\t<span class=\"middle-inner\"  >or<\/span>\r\n\t\t\t<\/span>\r\n\r\n\t\t\t<\/div>\r\n\r\n\t\t\t<div class=\"ult_dualbutton-wrapper btn-inline place-template btn2 \"><a href=\"https:\/\/sajinshivdas.com\/cybersecurity\/wp-content\/uploads\/2024\/05\/NIST_RMF_IMG.zip\" target=\"_blank\" rel=\"noopener\"  class=\"ult_ivan_button round-square with-icon icon-after with-text place-template ult_dual2\"  style=\";background-color:#000000 !important;;margin-left:px;;border-color:#333333;border-style:;border-width:0px;border-radius:px;\">\r\n\t\t\t<span class=\"ult-dual-btn-2 Style 1\"  data-bgcolor=\"#000000\" data-bghovercolor=\"#3452ff\" data-icon_color=\"#333333\" data-icon_hover_color=\"#333333\" data-textcolor=\"#ffffff\" data-texthovercolor=\"#ffffff\" data-iconbgcolor=\"transperent\" data-iconbghovercolor=\"transperent\" data-iconborder=\"transperent\" data-iconhoverborder=\"transperent\" >\r\n\t\t\t<span class=\"text-btn ult-dual-button-title\" style=\"font-weight:bold;color:#ffffff;\">Download JPG Format<\/span>\r\n\r\n\t\t\t<span class=\"icon-simple icon-right2 ult_btn1span \"  style=\"; \">\n<span class=\"aio-icon btn1icon none \"  style=\"color:#333333;font-size:32px;display:inline-block;\">\n\t<i class=\"hawcons-document-file-jpg1\" ><\/i>\n<\/span><\/span>\r\n\t\t\t<\/span>\r\n\t\t\t<\/a><\/div>\r\n\t\t\t<\/div>\r\n\t\t\t<\/div><div class=\"ult-spacer spacer-69faefca632ea\" data-id=\"69faefca632ea\" data-height=\"20\" data-height-mobile=\"20\" data-height-tab=\"20\" data-height-tab-portrait=\"\" data-height-mobile-landscape=\"\" style=\"clear:both;display:block;\"><\/div><div id=\"ultimate-heading-595869faefca63307\" class=\"uvc-heading ult-adjust-bottom-margin ultimate-heading-595869faefca63307 uvc-4355 \" data-hspacer=\"line_only\"  data-halign=\"left\" style=\"text-align:left\"><div class=\"uvc-main-heading ult-responsive\"  data-ultimate-target='.uvc-heading.ultimate-heading-595869faefca63307 h4'  data-responsive-json-new='{\"font-size\":\"\",\"line-height\":\"\"}' ><h4 style=\"font-weight:bold;color:#ffffff;\">Supporting NIST Publications (RMF steps)<\/h4><\/div><div class=\"uvc-heading-spacer line_only\" style=\"topheight:2px;\"><span class=\"uvc-headings-line\" style=\"border-style:solid;border-bottom-width:2px;border-color:#000000;width:autopx;\"><\/span><\/div><\/div>[vc_column_text]<span style=\"color: #ffffff;\">\ud83c\udf0d<b>Prepare<\/b><\/span><\/p>\n<ul>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-30\/rev-1\/final\"><b>NIST SP 800-30<\/b><\/a>, <i>Guide for Conducting Risk Assessments <\/i><\/span><\/li>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-39\/final\"><b>NIST SP 800-39<\/b><\/a>, <i>Managing Information Security Risk: Organization, Mission, and Information System View <\/i><\/span><\/li>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-53b\/final\"><b>NIST SP 800-53B<\/b><\/a>, <i>Control Baselines and Tailoring Guidance for Federal Information Systems and Organizations<\/i><\/span><\/li>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-60\/vol-1-rev-1\/final\"><b>NIST SP 800-60, Volume 1<\/b><\/a>, <i>Guide for Mapping Types of Information and Information Systems to Security Categories<\/i><\/span><\/li>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-60\/vol-2-rev-1\/final\"><b>NIST SP 800-60, Volume 2<\/b><\/a>, <i>Guide for Mapping Types of Information and Information Systems to Security Categories: Appendices<\/i><\/span><\/li>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-160\/vol-1-rev-1\/final\"><b>NIST SP 800-160, Volume 1<\/b><\/a>, <i>Engineering Trustworthy Secure Systems <\/i><\/span><\/li>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-161\/rev-1\/final\"><b>NIST SP 800-161<\/b><\/a>, <i>Supply Chain Risk Management Practices for Federal Information Systems and Organizations <\/i><\/span><\/li>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/nistir\/8062\/final\"><b>NIST IR 8062<\/b><\/a>, <i>An Introduction to Privacy Engineering and Risk Management in Federal Systems <\/i><\/span><\/li>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/nistir\/8179\/final\"><b>NIST IR 8179<\/b><\/a>, <i>Criticality Analysis Process Model: Prioritizing Systems and Components <\/i><\/span><\/li>\n<\/ul>\n<p><span style=\"color: #ffffff;\">\ud83c\udf0d<b>Categorize<\/b><\/span><\/p>\n<ul>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/fips\/199\/final\"><b><i>FIPS 199<\/i><\/b><\/a><i>, Standards for Security Categorization of Federal Information and Systems\u00a0 <\/i><\/span><\/li>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-60\/vol-1-rev-1\/final\"><b><i>NIST SP 800-60, Volume 1<\/i><\/b><\/a><i>, Guide for Mapping Types of Information and Information Systems to Security Categories<\/i><\/span><\/li>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-60\/vol-2-rev-1\/final\"><b><i>NIST SP 800-60, Volume 2<\/i><\/b><\/a><i>, Guide for Mapping Types of Information and Information Systems to Security Categories: Appendices<\/i><\/span><\/li>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-18\/rev-1\/final\"><b><i>NIST SP 800-18<\/i><\/b><\/a><i>, Guide for Developing System Security Plans for Federal Systems <\/i><\/span><\/li>\n<\/ul>\n<p><span style=\"color: #ffffff;\">\ud83c\udf0d<b>Select<\/b><\/span><\/p>\n<ul>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/fips\/200\/final\"><b><i>FIPS 200<\/i><\/b><\/a><i>, Minimum Security Requirements for Federal Information and Systems <\/i><\/span><\/li>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-53\/rev-5\/final\"><b><i>NIST SP 800-53<\/i><\/b><\/a><i>, Security and Privacy Controls for Federal Systems and Organizations <\/i><\/span><\/li>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-53b\/final\"><b><i>NIST SP 800-53B<\/i><\/b><\/a><i>, Security and Privacy Controls for Federal Information Systems and Organizations<\/i><\/span><\/li>\n<\/ul>\n<p><span style=\"color: #ffffff;\">\ud83c\udf0d<b>Implement<\/b><\/span><\/p>\n<ul>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-128\/final\"><b><i>NIST SP 800-128<\/i><\/b><\/a><i>, Guide for Security-Focused Configuration Management of Information Systems <\/i><\/span><\/li>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-34\/rev-1\/final\"><b><i>NIST SP 800-34<\/i><\/b><\/a><i>, Contingency Planning Guide for Federal Information Systems <\/i><\/span><\/li>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-61\/rev-2\/final\"><b><i>NIST SP 800-61<\/i><\/b><\/a><i>, Computer Security Incident Handling Guide <\/i><\/span><\/li>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-86\/final\"><b><i>NIST SP 800-86<\/i><\/b><\/a><i>, Guide to Integrating Forensic Techniques into Incident Response<\/i><\/span><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p><span style=\"color: #ffffff;\">\ud83c\udf0d<b>Assess<\/b><\/span><\/p>\n<ul>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-53a\/rev-5\/final\"><b><i>NIST SP 800-53A<\/i><\/b><\/a><i>, Assessing Security and Privacy Controls in Federal Systems and Organizations: Building Effective Security Assessment Plans<\/i><\/span><\/li>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/nistir\/8011\/vol-1\/final\"><b><i>NIST IR 8011<\/i><\/b><\/a><i>, Automation Support for Ongoing Assessment (Multiple Volumes)<\/i><\/span><\/li>\n<\/ul>\n<p><span style=\"color: #ffffff;\">\ud83c\udf0d<b>Authorize<\/b><\/span><\/p>\n<ul>\n<li><span style=\"color: #ffffff;\"><i>no additional NIST publications<\/i><\/span><\/li>\n<\/ul>\n<p><span style=\"color: #ffffff;\">\ud83c\udf0d<b>Monitor<\/b><\/span><\/p>\n<ul>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-137\/final\"><b><i>NIST SP 800-137<\/i><\/b><\/a><i>, Information Security Continuous Monitoring for Federal Information Systems and Organizations <\/i><\/span><\/li>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-137a\/final\"><b><i>NIST SP 800-137A<\/i><\/b><\/a><i>, Assessing Information Security Continuous Monitoring (ISCM) Programs: Developing an ISCM Program Assessment<\/i><\/span><\/li>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/sp\/800-53a\/rev-5\/final\"><b><i>NIST SP 800-53A<\/i><\/b><\/a><i>, Assessing Security and Privacy Controls in Federal Systems and Organizations: Building Effective Security Assessment Plans<\/i><\/span><\/li>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/nistir\/8011\/vol-1\/final\"><b><i>NIST IR 8011<\/i><\/b><\/a><i>, Automation Support for Ongoing Assessment (Multiple Volumes)<\/i><\/span><\/li>\n<li><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/publications\/detail\/nistir\/8212\/final\"><b><i>NIST IR 8212<\/i><\/b><\/a><i>, ISCMA: An Information Security Continuous Monitoring Program Assessment<br \/>\n(and reference implementation to conduct ISCM Program Assessment)<\/i><\/span><\/li>\n<\/ul>\n[\/vc_column_text][vc_row_inner column_margin=&#8221;default&#8221; column_direction=&#8221;default&#8221; column_direction_tablet=&#8221;default&#8221; column_direction_phone=&#8221;default&#8221; text_align=&#8221;left&#8221; row_position=&#8221;default&#8221; row_position_tablet=&#8221;inherit&#8221; row_position_phone=&#8221;inherit&#8221; overflow=&#8221;visible&#8221; pointer_events=&#8221;all&#8221;][vc_column_inner column_padding=&#8221;no-extra-padding&#8221; column_padding_tablet=&#8221;inherit&#8221; column_padding_phone=&#8221;inherit&#8221; column_padding_position=&#8221;all&#8221; column_element_direction_desktop=&#8221;default&#8221; column_element_spacing=&#8221;default&#8221; desktop_text_alignment=&#8221;default&#8221; tablet_text_alignment=&#8221;default&#8221; phone_text_alignment=&#8221;default&#8221; background_color_opacity=&#8221;1&#8243; background_hover_color_opacity=&#8221;1&#8243; column_backdrop_filter=&#8221;none&#8221; column_shadow=&#8221;none&#8221; column_border_radius=&#8221;none&#8221; column_link_target=&#8221;_self&#8221; overflow=&#8221;visible&#8221; gradient_direction=&#8221;left_to_right&#8221; overlay_strength=&#8221;0.3&#8243; width=&#8221;1\/6&#8243; tablet_width_inherit=&#8221;default&#8221; animation_type=&#8221;default&#8221; bg_image_animation=&#8221;none&#8221; border_type=&#8221;simple&#8221; column_border_width=&#8221;none&#8221; column_border_style=&#8221;solid&#8221;][\/vc_column_inner][vc_column_inner column_padding=&#8221;padding-2-percent&#8221; column_padding_tablet=&#8221;inherit&#8221; column_padding_phone=&#8221;inherit&#8221; column_padding_position=&#8221;left-right&#8221; column_element_direction_desktop=&#8221;default&#8221; column_element_spacing=&#8221;default&#8221; centered_text=&#8221;true&#8221; desktop_text_alignment=&#8221;default&#8221; tablet_text_alignment=&#8221;default&#8221; phone_text_alignment=&#8221;default&#8221; background_color_opacity=&#8221;1&#8243; background_hover_color_opacity=&#8221;1&#8243; column_backdrop_filter=&#8221;none&#8221; column_shadow=&#8221;none&#8221; column_border_radius=&#8221;none&#8221; column_link_target=&#8221;_self&#8221; overflow=&#8221;visible&#8221; gradient_direction=&#8221;left_to_right&#8221; overlay_strength=&#8221;0.3&#8243; width=&#8221;2\/3&#8243; tablet_width_inherit=&#8221;default&#8221; animation_type=&#8221;default&#8221; enable_animation=&#8221;true&#8221; animation=&#8221;fade-in&#8221; animation_easing=&#8221;default&#8221; bg_image_animation=&#8221;none&#8221; border_type=&#8221;simple&#8221; column_border_width=&#8221;none&#8221; column_border_style=&#8221;solid&#8221;][nectar_gradient_text heading_tag=&#8221;h5&#8243; color=&#8221;extra-color-gradient-2&#8243; gradient_direction=&#8221;horizontal&#8221; text=&#8221;Complete Mindmaps&#8221; margin_bottom=&#8221;10&#8243;][vc_custom_heading text=&#8221;Complete list of Mindmaps related to Cybersecurity&#8221; font_container=&#8221;tag:h2|font_size:52|text_align:center|line_height:52px&#8221; use_theme_fonts=&#8221;yes&#8221; css_animation=&#8221;fadeInUp&#8221;][vc_custom_heading text=&#8221;Cybersecurity Mindmaps&#8221; font_container=&#8221;tag:p|text_align:center|color:rgba(0%2C0%2C0%2C0.7)&#8221; use_theme_fonts=&#8221;yes&#8221; css_animation=&#8221;fadeInUp&#8221; css=&#8221;.vc_custom_1707775606373{margin-top: 10px !important;margin-bottom: 10px !important;}&#8221;][nectar_btn size=&#8221;jumbo&#8221; open_new_tab=&#8221;true&#8221; button_style=&#8221;regular&#8221; button_color_2=&#8221;extra-color-gradient-2&#8243; icon_family=&#8221;default_arrow&#8221; url=&#8221;https:\/\/sajinshivdas.com\/sajins-mind-maps\/&#8221; text=&#8221;Find More&#8221; css_animation=&#8221;zoomIn&#8221; margin_top=&#8221;30&#8243;][\/vc_column_inner][vc_column_inner column_padding=&#8221;no-extra-padding&#8221; column_padding_tablet=&#8221;inherit&#8221; column_padding_phone=&#8221;inherit&#8221; column_padding_position=&#8221;all&#8221; column_element_direction_desktop=&#8221;default&#8221; column_element_spacing=&#8221;default&#8221; desktop_text_alignment=&#8221;default&#8221; tablet_text_alignment=&#8221;default&#8221; phone_text_alignment=&#8221;default&#8221; background_color_opacity=&#8221;1&#8243; background_hover_color_opacity=&#8221;1&#8243; column_backdrop_filter=&#8221;none&#8221; column_shadow=&#8221;none&#8221; column_border_radius=&#8221;none&#8221; column_link_target=&#8221;_self&#8221; overflow=&#8221;visible&#8221; gradient_direction=&#8221;left_to_right&#8221; overlay_strength=&#8221;0.3&#8243; width=&#8221;1\/6&#8243; tablet_width_inherit=&#8221;default&#8221; animation_type=&#8221;default&#8221; bg_image_animation=&#8221;none&#8221; border_type=&#8221;simple&#8221; column_border_width=&#8221;none&#8221; column_border_style=&#8221;solid&#8221;][\/vc_column_inner][\/vc_row_inner]<div class=\"ult-spacer spacer-69faefca63327\" data-id=\"69faefca63327\" data-height=\"20\" data-height-mobile=\"20\" data-height-tab=\"20\" data-height-tab-portrait=\"\" data-height-mobile-landscape=\"\" style=\"clear:both;display:block;\"><\/div><div id=\"ultimate-heading-863169faefca6333d\" class=\"uvc-heading ult-adjust-bottom-margin ultimate-heading-863169faefca6333d uvc-3979 \" data-hspacer=\"line_only\"  data-halign=\"left\" style=\"text-align:left\"><div class=\"uvc-main-heading ult-responsive\"  data-ultimate-target='.uvc-heading.ultimate-heading-863169faefca6333d h4'  data-responsive-json-new='{\"font-size\":\"\",\"line-height\":\"\"}' ><h4 style=\"font-weight:bold;color:#ffffff;\">Disclaimer<\/h4><\/div><div class=\"uvc-heading-spacer line_only\" style=\"topheight:2px;\"><span class=\"uvc-headings-line\" style=\"border-style:solid;border-bottom-width:2px;border-color:#000000;width:autopx;\"><\/span><\/div><\/div>[vc_column_text]<span style=\"font-family: Calibri; color: #ffffff;\"><span style=\"font-size: 14.6667px;\">This article and the mindmaps are created for quick reference and upskilling your knowledge. Also find the link below to the NIST Portal for the RMF and other Introductory Courses.<\/span><\/span><\/p>\n<p><span style=\"color: #ffffff;\"><cite lang=\"en-US\" style=\"margin: 0in; font-family: Calibri; font-size: 9pt;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/Projects\/risk-management\/rmf-courses\">https:\/\/csrc.nist.gov\/Projects\/risk-management\/rmf-courses<\/a><\/cite><\/span><\/p>\n<ul style=\"direction: ltr; unicode-bidi: embed; margin-top: 0in; margin-bottom: 0in;\" type=\"disc\">\n<li lang=\"en-US\" style=\"margin-top: 0; margin-bottom: 0; vertical-align: middle;\"><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/CSRC\/media\/Projects\/risk-management\/images-media\/rmf-training\/intro-course-v2_0\/index.html\"><span style=\"font-family: Calibri; font-size: 11.0pt;\">RMF Introductory Course<\/span><\/a><\/span><\/li>\n<li lang=\"en-US\" style=\"margin-top: 0; margin-bottom: 0; vertical-align: middle;\"><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/csrc\/media\/Projects\/risk-management\/images-media\/rmf-training\/53-intro-course-v1\/index.html\"><span style=\"font-family: Calibri; font-size: 11.0pt;\">Security and Privacy Controls Introductory Course<\/span><\/a><\/span><\/li>\n<li lang=\"en-US\" style=\"margin-top: 0; margin-bottom: 0; vertical-align: middle;\"><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/csrc\/media\/Projects\/risk-management\/images-media\/rmf-training\/53A-intro-course-v1\/index.html\"><span style=\"font-family: Calibri; font-size: 11.0pt;\">Assessing Security and Privacy Controls Introductory Course<\/span><\/a><\/span><\/li>\n<li lang=\"en-US\" style=\"margin-top: 0; margin-bottom: 0; vertical-align: middle;\"><span style=\"color: #ffffff;\"><a style=\"color: #ffffff;\" href=\"https:\/\/csrc.nist.gov\/csrc\/media\/Projects\/risk-management\/images-media\/rmf-training\/53B-intro-course-v1\/index.html\"><span style=\"font-family: Calibri; font-size: 11.0pt;\">Control Baselines Introductory Course<\/span><\/a><\/span><\/li>\n<\/ul>\n[\/vc_column_text][\/vc_column][\/vc_row][vc_row type=&#8221;in_container&#8221; full_screen_row_position=&#8221;middle&#8221; column_margin=&#8221;default&#8221; column_direction=&#8221;default&#8221; column_direction_tablet=&#8221;default&#8221; column_direction_phone=&#8221;default&#8221; scene_position=&#8221;center&#8221; text_color=&#8221;dark&#8221; text_align=&#8221;left&#8221; row_border_radius=&#8221;none&#8221; row_border_radius_applies=&#8221;bg&#8221; overflow=&#8221;visible&#8221; overlay_strength=&#8221;0.3&#8243; gradient_direction=&#8221;left_to_right&#8221; shape_divider_position=&#8221;bottom&#8221; bg_image_animation=&#8221;none&#8221;][vc_column column_padding=&#8221;no-extra-padding&#8221; column_padding_tablet=&#8221;inherit&#8221; column_padding_phone=&#8221;inherit&#8221; column_padding_position=&#8221;all&#8221; column_element_direction_desktop=&#8221;default&#8221; column_element_spacing=&#8221;default&#8221; desktop_text_alignment=&#8221;default&#8221; tablet_text_alignment=&#8221;default&#8221; phone_text_alignment=&#8221;default&#8221; background_color_opacity=&#8221;1&#8243; background_hover_color_opacity=&#8221;1&#8243; column_backdrop_filter=&#8221;none&#8221; column_shadow=&#8221;none&#8221; column_border_radius=&#8221;none&#8221; column_link_target=&#8221;_self&#8221; column_position=&#8221;default&#8221; gradient_direction=&#8221;left_to_right&#8221; overlay_strength=&#8221;0.3&#8243; width=&#8221;1\/1&#8243; tablet_width_inherit=&#8221;default&#8221; animation_type=&#8221;default&#8221; bg_image_animation=&#8221;none&#8221; border_type=&#8221;simple&#8221; column_border_width=&#8221;none&#8221; column_border_style=&#8221;solid&#8221;]<div class=\"ult-spacer spacer-69faefca6334f\" data-id=\"69faefca6334f\" data-height=\"20\" data-height-mobile=\"20\" data-height-tab=\"20\" data-height-tab-portrait=\"\" data-height-mobile-landscape=\"\" style=\"clear:both;display:block;\"><\/div>[vc_column_text]\n<p style=\"margin: 0in; font-family: Calibri; font-size: 11.0pt;\"><div style='display:none;' class='shareaholic-canvas' data-app='follow_buttons' data-title='NIST Risk Management Framework (RMF)' data-link='https:\/\/sajinshivdas.com\/cybersecurity\/nist-risk-management-framework-rmf\/' data-app-id='28704193'><\/div>\n[\/vc_column_text]<div class=\"ult-spacer spacer-69faefca6339d\" data-id=\"69faefca6339d\" data-height=\"20\" data-height-mobile=\"20\" data-height-tab=\"20\" data-height-tab-portrait=\"\" data-height-mobile-landscape=\"\" style=\"clear:both;display:block;\"><\/div>[\/vc_column][\/vc_row]\n","protected":false},"excerpt":{"rendered":"<p>[vc_row type=&#8221;full_width_content&#8221; full_screen_row_position=&#8221;middle&#8221; column_margin=&#8221;default&#8221; column_direction=&#8221;default&#8221; column_direction_tablet=&#8221;default&#8221; column_direction_phone=&#8221;default&#8221; bg_color=&#8221;#5b5b5b&#8221; bg_image=&#8221;10185&#8243; bg_position=&#8221;center center&#8221; background_image_loading=&#8221;default&#8221; bg_repeat=&#8221;no-repeat&#8221; scene_position=&#8221;center&#8221; top_padding=&#8221;12%&#8221; constrain_group_1=&#8221;yes&#8221; bottom_padding=&#8221;12%&#8221; left_padding_desktop=&#8221;10%&#8221; constrain_group_2=&#8221;yes&#8221; right_padding_desktop=&#8221;10%&#8221; top_padding_tablet=&#8221;25%&#8221; text_color=&#8221;light&#8221; text_align=&#8221;left&#8221; row_border_radius=&#8221;none&#8221; row_border_radius_applies=&#8221;bg&#8221;&#8230;<\/p>\n","protected":false},"author":1,"featured_media":10185,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-9093","page","type-page","status-publish","has-post-thumbnail"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>NIST Risk Management Framework (RMF) | Sajin Shivdas<\/title>\n<meta name=\"description\" content=\"Aspiring cybersecurity candidates and professionals can use this mindmap as a quick reference to learn about the NIST RMF\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/sajinshivdas.com\/cybersecurity\/nist-risk-management-framework-rmf\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"NIST Risk Management Framework (RMF) | Sajin Shivdas\" \/>\n<meta property=\"og:description\" content=\"Aspiring cybersecurity candidates and professionals can use this mindmap as a quick reference to learn about the NIST RMF\" \/>\n<meta property=\"og:url\" content=\"https:\/\/sajinshivdas.com\/cybersecurity\/nist-risk-management-framework-rmf\/\" \/>\n<meta property=\"og:site_name\" content=\"Sajin Shivdas | Cybersecurity\" \/>\n<meta property=\"article:modified_time\" content=\"2024-08-15T10:57:48+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/sajinshivdas.com\/cybersecurity\/wp-content\/uploads\/2024\/05\/Black-Doodle-Tools-for-Generating-Ideas-Mind-Map-1024x576.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1024\" \/>\n\t<meta property=\"og:image:height\" content=\"576\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/nist-risk-management-framework-rmf\\\/\",\"url\":\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/nist-risk-management-framework-rmf\\\/\",\"name\":\"NIST Risk Management Framework (RMF) | Sajin Shivdas\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/nist-risk-management-framework-rmf\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/nist-risk-management-framework-rmf\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/wp-content\\\/uploads\\\/2024\\\/05\\\/Black-Doodle-Tools-for-Generating-Ideas-Mind-Map.png\",\"datePublished\":\"2024-05-16T18:41:53+00:00\",\"dateModified\":\"2024-08-15T10:57:48+00:00\",\"description\":\"Aspiring cybersecurity candidates and professionals can use this mindmap as a quick reference to learn about the NIST RMF\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/nist-risk-management-framework-rmf\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/nist-risk-management-framework-rmf\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/nist-risk-management-framework-rmf\\\/#primaryimage\",\"url\":\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/wp-content\\\/uploads\\\/2024\\\/05\\\/Black-Doodle-Tools-for-Generating-Ideas-Mind-Map.png\",\"contentUrl\":\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/wp-content\\\/uploads\\\/2024\\\/05\\\/Black-Doodle-Tools-for-Generating-Ideas-Mind-Map.png\",\"width\":2400,\"height\":1350,\"caption\":\"NIST_RMF_v01\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/nist-risk-management-framework-rmf\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"NIST Risk Management Framework (RMF)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/#website\",\"url\":\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/\",\"name\":\"sajinshivdas.com\",\"description\":\"Cybersecurity - Information security Resources, Articles and Latest News\",\"publisher\":{\"@id\":\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/#\\\/schema\\\/person\\\/af1d121cbedd3ce64369f21a359ff2e6\"},\"alternateName\":\"Sajin Shivdas\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/#\\\/schema\\\/person\\\/af1d121cbedd3ce64369f21a359ff2e6\",\"name\":\"Sajin Shivdas\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/5dbd4f42-9550-4c99-82e9-34f3c99a2253.png\",\"url\":\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/5dbd4f42-9550-4c99-82e9-34f3c99a2253.png\",\"contentUrl\":\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/5dbd4f42-9550-4c99-82e9-34f3c99a2253.png\",\"width\":1000,\"height\":500,\"caption\":\"Sajin Shivdas\"},\"logo\":{\"@id\":\"https:\\\/\\\/sajinshivdas.com\\\/cybersecurity\\\/wp-content\\\/uploads\\\/2023\\\/01\\\/5dbd4f42-9550-4c99-82e9-34f3c99a2253.png\"},\"sameAs\":[\"http:\\\/\\\/sajinshivdas.com\\\/security\",\"www.linkedin.com\\\/in\\\/sajin-shivdas\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"NIST Risk Management Framework (RMF) | Sajin Shivdas","description":"Aspiring cybersecurity candidates and professionals can use this mindmap as a quick reference to learn about the NIST RMF","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/sajinshivdas.com\/cybersecurity\/nist-risk-management-framework-rmf\/","og_locale":"en_US","og_type":"article","og_title":"NIST Risk Management Framework (RMF) | Sajin Shivdas","og_description":"Aspiring cybersecurity candidates and professionals can use this mindmap as a quick reference to learn about the NIST RMF","og_url":"https:\/\/sajinshivdas.com\/cybersecurity\/nist-risk-management-framework-rmf\/","og_site_name":"Sajin Shivdas | Cybersecurity","article_modified_time":"2024-08-15T10:57:48+00:00","og_image":[{"width":1024,"height":576,"url":"https:\/\/sajinshivdas.com\/cybersecurity\/wp-content\/uploads\/2024\/05\/Black-Doodle-Tools-for-Generating-Ideas-Mind-Map-1024x576.png","type":"image\/png"}],"twitter_misc":{"Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/sajinshivdas.com\/cybersecurity\/nist-risk-management-framework-rmf\/","url":"https:\/\/sajinshivdas.com\/cybersecurity\/nist-risk-management-framework-rmf\/","name":"NIST Risk Management Framework (RMF) | Sajin Shivdas","isPartOf":{"@id":"https:\/\/sajinshivdas.com\/cybersecurity\/#website"},"primaryImageOfPage":{"@id":"https:\/\/sajinshivdas.com\/cybersecurity\/nist-risk-management-framework-rmf\/#primaryimage"},"image":{"@id":"https:\/\/sajinshivdas.com\/cybersecurity\/nist-risk-management-framework-rmf\/#primaryimage"},"thumbnailUrl":"https:\/\/sajinshivdas.com\/cybersecurity\/wp-content\/uploads\/2024\/05\/Black-Doodle-Tools-for-Generating-Ideas-Mind-Map.png","datePublished":"2024-05-16T18:41:53+00:00","dateModified":"2024-08-15T10:57:48+00:00","description":"Aspiring cybersecurity candidates and professionals can use this mindmap as a quick reference to learn about the NIST RMF","breadcrumb":{"@id":"https:\/\/sajinshivdas.com\/cybersecurity\/nist-risk-management-framework-rmf\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/sajinshivdas.com\/cybersecurity\/nist-risk-management-framework-rmf\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sajinshivdas.com\/cybersecurity\/nist-risk-management-framework-rmf\/#primaryimage","url":"https:\/\/sajinshivdas.com\/cybersecurity\/wp-content\/uploads\/2024\/05\/Black-Doodle-Tools-for-Generating-Ideas-Mind-Map.png","contentUrl":"https:\/\/sajinshivdas.com\/cybersecurity\/wp-content\/uploads\/2024\/05\/Black-Doodle-Tools-for-Generating-Ideas-Mind-Map.png","width":2400,"height":1350,"caption":"NIST_RMF_v01"},{"@type":"BreadcrumbList","@id":"https:\/\/sajinshivdas.com\/cybersecurity\/nist-risk-management-framework-rmf\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/sajinshivdas.com\/cybersecurity\/"},{"@type":"ListItem","position":2,"name":"NIST Risk Management Framework (RMF)"}]},{"@type":"WebSite","@id":"https:\/\/sajinshivdas.com\/cybersecurity\/#website","url":"https:\/\/sajinshivdas.com\/cybersecurity\/","name":"sajinshivdas.com","description":"Cybersecurity - Information security Resources, Articles and Latest News","publisher":{"@id":"https:\/\/sajinshivdas.com\/cybersecurity\/#\/schema\/person\/af1d121cbedd3ce64369f21a359ff2e6"},"alternateName":"Sajin Shivdas","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/sajinshivdas.com\/cybersecurity\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/sajinshivdas.com\/cybersecurity\/#\/schema\/person\/af1d121cbedd3ce64369f21a359ff2e6","name":"Sajin Shivdas","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sajinshivdas.com\/cybersecurity\/wp-content\/uploads\/2023\/01\/5dbd4f42-9550-4c99-82e9-34f3c99a2253.png","url":"https:\/\/sajinshivdas.com\/cybersecurity\/wp-content\/uploads\/2023\/01\/5dbd4f42-9550-4c99-82e9-34f3c99a2253.png","contentUrl":"https:\/\/sajinshivdas.com\/cybersecurity\/wp-content\/uploads\/2023\/01\/5dbd4f42-9550-4c99-82e9-34f3c99a2253.png","width":1000,"height":500,"caption":"Sajin Shivdas"},"logo":{"@id":"https:\/\/sajinshivdas.com\/cybersecurity\/wp-content\/uploads\/2023\/01\/5dbd4f42-9550-4c99-82e9-34f3c99a2253.png"},"sameAs":["http:\/\/sajinshivdas.com\/security","www.linkedin.com\/in\/sajin-shivdas"]}]}},"_links":{"self":[{"href":"https:\/\/sajinshivdas.com\/cybersecurity\/wp-json\/wp\/v2\/pages\/9093","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sajinshivdas.com\/cybersecurity\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/sajinshivdas.com\/cybersecurity\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/sajinshivdas.com\/cybersecurity\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/sajinshivdas.com\/cybersecurity\/wp-json\/wp\/v2\/comments?post=9093"}],"version-history":[{"count":0,"href":"https:\/\/sajinshivdas.com\/cybersecurity\/wp-json\/wp\/v2\/pages\/9093\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sajinshivdas.com\/cybersecurity\/wp-json\/wp\/v2\/media\/10185"}],"wp:attachment":[{"href":"https:\/\/sajinshivdas.com\/cybersecurity\/wp-json\/wp\/v2\/media?parent=9093"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}