NIST SP 800-37 Insights

What is NIST SP 800-37?

NIST Special Publication 800-37 (Risk Management Framework for Information Systems and Organizations) provides a structured, yet flexible, process for managing security and privacy risk. It is used to select and specify security controls for information systems, implement and assess the controls, and authorize system operation. The RMF promotes near real-time risk management through continuous monitoring and is commonly used by U.S. Federal agencies and organizations that require a robust and standardized approach to cybersecurity.

Find organizations using NIST SP 800-37 on Sumble →

What other technologies are related to NIST SP 800-37?

NIST SP 800-37 Complementary Technologies

NIST SP 800-53

NIST SP 800-53 provides a catalog of security and privacy controls for federal information systems and organizations. SP 800-37 provides the Risk Management Framework that utilizes these controls, making them highly complementary.

mentioned alongside NIST SP 800-37 in 13% (565) of relevant job posts

Committee on National Security Systems Instruction (CNSSI) 1253

CNSSI 1253 provides guidance on the security categorization and control selection for national security systems, similar to NIST SP 800-53, which makes it complementary to the RMF.

mentioned alongside NIST SP 800-37 in 48% (63) of relevant job posts

NIST SP 800-53A

NIST SP 800-53A provides assessment procedures for the security controls in NIST SP 800-53. Assessment is part of the RMF. It's used to verify the effectiveness of controls implemented according to NIST SP 800-37.

mentioned alongside NIST SP 800-37 in 30% (77) of relevant job posts