Free tools and resources for Data Protection Officers!

NIST updates its Risk Management Framework

US National Institute of Standards and Technology (NIST) has published draft update to its Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy. The update to NIST Special Publication 800-37 (Revision 2) responds to the call by the Defense Science Board, Executive Order 13800, and OMB Memorandum M-17-25 to develop the next-generation Risk Management Framework (RMF) for information systems, organizations, and individuals. A public comment period for this draft document is open until June 22, 2018.

Source: SP 800-37 Rev. 2 (DRAFT), RMF: A System Life Cycle Approach for Security and Privacy | CSRC

>