NIST releases Risk Management Framework 2.0 to combine privacy, security and supply chain into one

NIST releases Risk Management Framework 2.0 to combine privacy, security and supply chain into one

The National Institute of Standards and Technology posted the newest update to its Risk Management Framework.

“RMF 2.0 is the first framework in the world to address security, privacy, and supply chain risk in an integrated manner — at the organization, mission/business process, and system levels,” NIST Fellow Ron Ross wrote in a Twitter post.

RMF 2.0’s full name is the NIST Special Publication 800-37 Revision 2, Risk Management Framework (RMF) for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy.

NIST said RMF 2.0 adds a step called Prepare and includes seven major objectives.

Prepare is intended to help organizations facilitate effective communication between executives and employees. It also guides users to enable enterprise-wide identification of privacy and security controls, reduce complexity of IT systems and applications, eliminate unnecessary functions and, ultimately, to prioritize resources for high value assets and protect those accordingly.




Next Article

Did you find this useful?

Medigy Innovation Network

Connecting innovation decision makers to authoritative information, institutions, people and insights.

Medigy Logo

The latest News, Insights & Events

Medigy accurately delivers healthcare and technology information, news and insight from around the world.

The best products, services & solutions

Medigy surfaces the world's best crowdsourced health tech offerings with social interactions and peer reviews.


© 2024 Netspective Foundation, Inc. All Rights Reserved.

Built on Nov 21, 2024 at 6:20am