NIST Special Publication 800-37

Citation: NIST Special Publication (SP) 800-37, Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach (Feb. 2010).

Overview
NIST Special Publication (SP) 800-37 provides agencies with guidance for applying a risk management framework to federal information systems to include security categorization, security control selection and implementation, security control assessment, information system authorization, and security control monitoring. This framework includes the preparation of a security assessment report and authorization package.