NIST 800-37 Insights

What is NIST 800-37?

NIST Special Publication 800-37, Revision 2, is a risk management framework for federal information systems and organizations. It provides a structured, yet flexible, process for managing security and privacy risk. It outlines a six-step process: Categorize, Select, Implement, Assess, Authorize, and Monitor. This framework is widely used by U.S. federal agencies and organizations that do business with the U.S. government to ensure a consistent and comprehensive approach to cybersecurity and privacy.

Find organizations using NIST 800-37 on Sumble →

What other technologies are related to NIST 800-37?

NIST 800-37 Complementary Technologies

NIST 800-53

NIST 800-53 provides a catalog of security and privacy controls for federal information systems and organizations; it's used during the implementation of RMF which NIST 800-37 guides. Thus, it's strongly complementary.

mentioned alongside NIST 800-37 in 4% (441) of relevant job posts

CNSSI 1253

CNSSI 1253 provides guidance on applying security controls to national security systems, which is aligned with the RMF process outlined in NIST 800-37. Thus, it's strongly complementary.

mentioned alongside NIST 800-37 in 7% (99) of relevant job posts

ICD 503

ICD 503 is related to the Risk Management Framework (RMF) and the accreditation of U.S. Intelligence Community (IC) Information Technology (IT) Systems. The RMF is defined in NIST 800-37, hence ICD 503 and NIST 800-37 are strongly complementary.

mentioned alongside NIST 800-37 in 7% (91) of relevant job posts