I have been doing a lot of work with the NIST SP 800-53 security controls in relation to the Risk Management Framework (RMF) lately and want to understand the assessment process. In my next post I will briefly explain the RMF six steps, focusing on selection of controls and the methods of assessing those controls before digging deeper. The following figure provides a simple overview of how the pieces fit.
