NIST Cybersecurity Framework and Risk Management Framework

The National Institute of Standards and Technology (NIST) has long been the standard-bearer for the official federal government information security risk management framework (RMF).

While the NIST RMF is a mandated framework for the federal government, it is recommended by Health and Human Services (HHS) and Office for Civil Rights (OCR) as guidance and direction to achieve compliance with the HIPAA Security Rule as defined in NIST Special Publication 800-66.

With the right approach to implementing NIST and OCR guidance, you can establish a comprehensive managed cybersecurity program that includes a robust information risk management practice to inform senior leadership and the board of directors which risks present the most exposure and should be immediately addressed.

Access this white paper by filling out the form on this page. We will send it to the email address you provide.