A Document-based View of the Risk Management Framework

Published

Author(s)

Joshua Lubell

Abstract

Cybersecurity professionals know the Risk Management Framework as a rigorous yet flexible process for managing security risk. But the RMF lacks a document focus, even though much of the process requires authoring, reviewing, revising, and accessing plans and reports. It is possible to build such a focus by looking more closely at these documents, starting with the System Security Plan and the roles of key participants responsible for it. Such a document- and role-centric view of the RMF process can lead the way toward more efficient and less error-prone security assurance.
Proceedings Title
Balisage Series on Markup Technologies
Conference Dates
July 27-31, 2020
Conference Location
Washington, DC
Conference Title
Balisage: The Markup Conference

Keywords

Risk Management Framework, XML, OSCAL, DITA, markup language, System Security Plan

Citation

Lubell, J. (2020), A Document-based View of the Risk Management Framework, Balisage Series on Markup Technologies, Washington, DC, [online], https://doi.org/10.4242/BalisageVol25.Lubell01 (Accessed December 17, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created August 2, 2020, Updated August 3, 2020