NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage
Search CSRC:

Applying the Risk Management Framework to Federal Information Systems

Welcome to the course “Applying the Risk Management Framework to Federal Information Systems”.

The purpose of this course is to provide people new to risk management with an overview of a methodology for managing organizational risk—the Risk Management Framework (RMF).

The RMF was developed by the National Institute for Standards and Technology (NIST) to help organizations manage risks to and from Information Technology (IT) systems more easily, efficiently and effectively.

This course describes at a high-level the importance of establishing an organization-wide risk management program, the information security legislation related to organizational risk management, the steps in the RMF, and the NIST publications related to each step.

Click here to start the course
Back to Top