Hi All,
NIST just published the NIST Risk Management Framework (RMF) Small Enterprise Quick Start Guide: A Comprehensive, Flexible, Risk-Based Approach to Managing Information Security and Privacy Risk.
The new guide is designed to help small, under-resourced entities understand the value and core components of the RMF and provides a starting point for designing and implementing an information security and privacy risk management program. Within the guide you'll find:
An overview of the seven steps of the RMF process
Foundational tasks for each RMF step
Tips for getting started
Sample planning tables
Key terminology and definitions
Questions for organizations to consider
Related resources
For a copy of the guidance: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.1314.pdf
------------------------------
Michael Roza CPA, CISA, CIA, CC, MBA, Exec MBA, CSA Research Fe
------------------------------