Home / News / NIST Adds Seven Updates to Draft Risk Management Framework

NIST Adds Seven Updates to Draft Risk Management Framework

The National Institute of Standards and Technology has released an updated draft of its Risk Management Framework designed to guide federal agencies in protecting their information systems.

The agency said Tuesday the update aims to create a better correlation between the risk management processes and activities at the executive level and those at the operational level, as well as standardize critical risk management preparatory activities at all risk management efforts.

The modification also intends to align the NIST Cybersecurity Framework with the RMF; help privacy programs support privacy protection needs; promote the development of credible systems; identify malicious actors or fraudulent processes using supply chain risk management concepts and match organization-generated and traditional baseline control selection approaches.

NIST seeks feedback on the updated RMF draft, as well as its process of developing, passing, storing and deleting information and its impact on security and privacy.

The agency will hold a public comment period regarding the RMF update from Oct. 2 to Oct. 31.

Check Also

New Laboratory at NSWC Crane Focuses on Electro-Optical Technology

Naval Surface Warfare Center Crane Division is investing in electro-optical technologies for the newly launched Naval Innovative Threat Exploitation and Optical Warfare Laboratory or NITE OWL. The new laboratory is meant to help warfighters address electro-optical threats, Naval Sea Systems Command said Tuesday.