From the course: Implementing the NIST Risk Management Framework

NIST RMF assessment steps

Now that you understand the RMF's assessment goals and requirements, you'll use a standard process describing when and how to conduct a security control and risk assessment. Control assessments are conducted in accordance with the security and privacy assessment plans. Opportunities to reuse results from previous assessments are considered, to make the risk management process timely and cost-effective. The use of automation to conduct control assessments is maximized to increase the speed, effectiveness, and efficiency of assessments.

There are standard best practices when conducting security assessments. You want to start the assessments as early as possible in the software or systems development lifecycle, where it's much more efficient and effective to identify requirements and remediate potential deficiencies. This means identifying security requirements at the project's beginning. If you're using an outside vendor, the requirements should be part of the source selection…
