Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

Home

NCI Security and Compliance Information

Error rendering macro 'rw-search'

null

Page History

Versions Compared

Old Version 17

changes.mady.by.user Unknown User (scotterr)

Saved on Jul 22, 2021

compared with

New Version 18

changes.mady.by.user Unknown User (scotterr)

Saved on Aug 20, 2021

Key

This line was added.
This line was removed.
Formatting was changed.

...

Systems enter the CM Phase (Step 6 of the NIST RMF) after achieving ATO. The purpose of this phase is to provide oversight and monitoring of the security controls in the information system on an ongoing basis and to inform the Authorizing Official (AO) when changes occur that may impact the security of the system. CM consists of three tasks: (i) configuration management and control; (ii) security control monitoring; and (iii) status reporting and documentation, which are performed continuously throughout the life cycle of an information system.

Control Baseline

The set of security and privacy controls that are applicable to information or an information system to meet legal, regulatory, or policy requirements, as well as address protection needs for the purpose of managing risk. The control baseline is developed during Step 2 (Select) of the RMF.

E-Authentication Risk Assessment (eRA) / e-Authentication Threshold Analysis (eTA)

...

Accessibility | Contact CBIIT | FOIA | HHS Vulnerability Disclosure | Comment Policy
U.S. Department of Health and Human Services | National Institutes of Health | National Cancer Institute | USA.gov
NIH ... Turning Discovery Into Health®

Powered by Atlassian Confluence, themed by RefinedTheme