The Risk Management Framework (RMF) was developed and published by the National Institute of Standards and Technology (NIST) in 2010 and later adopted by the Department of Defense (DoD) to act as criteria for strengthening and standardizing the risk management process of information security organizations. The framework can be used by nearly any company interested in bolstering cybersecurity and risk management.
Risk management is means for protecting organizational assets and systems by implementing security controls that support early risk detection and resolution. The RMF achieves this by helping companies bring more structure and oversight to the system development life cycle by integrating cybersecurity and risk management into the early stages of the system development process.
Read More from This Article: What is the Risk Management Framework (RMF)? A standardized security framework
Source: News