Home / News / NIST Adds Seven Updates to Draft Risk Management Framework

NIST Adds Seven Updates to Draft Risk Management Framework

The National Institute of Standards and Technology has released an updated draft of its Risk Management Framework designed to guide federal agencies in protecting their information systems.

The agency said Tuesday the update aims to create a better correlation between the risk management processes and activities at the executive level and those at the operational level, as well as standardize critical risk management preparatory activities at all risk management efforts.

The modification also intends to align the NIST Cybersecurity Framework with the RMF; help privacy programs support privacy protection needs; promote the development of credible systems; identify malicious actors or fraudulent processes using supply chain risk management concepts and match organization-generated and traditional baseline control selection approaches.

NIST seeks feedback on the updated RMF draft, as well as its process of developing, passing, storing and deleting information and its impact on security and privacy.

The agency will hold a public comment period regarding the RMF update from Oct. 2 to Oct. 31.

Check Also

Top Pentagon Data Officer Explains Challenges Utilizing AI at DoD

Michael Conlin, Pentagon’s chief data officer, has said that the structure of data and developing a workforce would be the two major challenges to the agency’s adoption of artificial intelligence, FedScoop reported Thursday.