Home » 430 W5 DQ1 UG

430 W5 DQ1 UG

430 W5 DQ1

Save Time On Research and Writing
Hire a Pro to Write You a 100% Plagiarism-Free Paper.
Get My Paper

Briefly describe the purpose and application of the Risk Management Framework. How does this differ from the Cyber Security Framework? Which would you recommend and why?

Reply to responses.

Please read before replying to responses. 100-150 words.

Response Requirements

Save Time On Research and Writing
Hire a Pro to Write You a 100% Plagiarism-Free Paper.
Get My Paper

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

A Aaron

Evening,

The Risk Management Framework (RMF) was first intended for federal agencies but soon was adopted by organization that were in the private sector. A business can’t operate with out exposing themselves to so sort of risks like IT problems, Litigation and Loss of Capitol (Posey, 2021). The RMF is made up of five components, that are Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance. The Identification stage is to identify the risks that an organization might have, and this process is not a one-time thing as these risks might change over time. Measurement and assessment are when you create a risk profile for each that was identified in the first step and the measurement can be in the form of how much capital could be lost. Mitigation is by examining the risks and determining which risks should be eliminated and which risks are acceptable. Reporting and monitoring involves reexamining the risks to make sure the mitigation strategies the organization have adopted are serving their purposes. Governance is the process of making sure the adoption of the mitigation strategies is in place and that the employees are following the policies. RMF is more targeted towards the federal government and CSF was originally developed for critical infrastructure but has been recommended for use in organizations. CSF is aimed towards the private sector more than the federal government and does not have any Authorizing Officials (AOs) or an Authority to Operate (ATO) which RMF has ATOs to determine the authorized periods required for approval by and AO. NIST recommends that the CSF be used to strengthen the RMF. I would say that I would use the RMF to first get the framework in place then start implementing the CSF. Both of the frameworks have two entirely different end goals.

Posey, B. (2021) What is risk management and why is it important? Retrieved from 

https://www.techtarget.com/searchcio/definition/Risk-Management-Framework-RMF#:

~:text=The%20Risk%20Management%20Framework%20is,of%20the%20United%20States%20government

.

430 W5 DQ1 RESPONSES CONTINUATION

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

B Cody

Hello everyone,

“The Risk Management Framework is a template and guideline used by companies to identify, eliminate and minimize risks. It was originally developed by the National Institute of Standards and Technology to help protect the information systems of the United States government” (Posey, 2021). The Risk Management Framework is simply used periodically to identify and organize risks to an organization. The National Institute of Standards and Technology also created the Cybersecurity Framework. “The Framework integrates industry standards and best practices to help organizations manage their cybersecurity risks” (Swenson, 2022). These are very similar in that they both were created by NIST to help organizations identify, categorize, and to help mitigate risks but they are different in that The Risk Management Framework deals with more overarching risks regarding organizations and the Cybersecurity Framework deals only specifically with cybersecurity threats. I would recommend for an organization to use all of these frameworks since the Cybersecurity Framework would deal with cybersecurity threats and the RMF would cover strategic, legal, operational, and privacy risks.

C Jacob

Good evening Professor Ligon and class,

Risk Management Framework (RMF) is an established set of components (Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance) and steps (Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor) that help companies to identify, eliminate, and minimize risks. These guidelines were originally created by the National Institute of Standards and Technology (NIST) to help protect information systems within the U.S. “Businesses cannot exist without exposing themselves to risks such as IT problems, litigation, and loss of capital” (Posey, 2021). No risk can be totally gotten rid of, there will always be a need for risks. All we can do is mitigate them. This concept benefits businesses by minimizing the risks that are out there which in end lowers the legal spotlight and increases profits.   

Cyber Security Framework (CSF) and RMF are often mixed around when IT professionals are discussing them. When RMF was originally created by NIST, its target audience was the federal government. This is still true today, although private organizations have seen the benefits of RMF and have started to incorporate the guideline into their IT plans. CSF has been created for more critical infrastructures, such as transportation or public utilities. CSF is also suitable for an “Organization of any size, degree of cybersecurity risk, or cybersecurity sophistication” (Webb, 2017). CSF has not been created to replace RMF, it is another tool that organizations have at their disposal to deal with risks associated with the IT field.

430 W5 DQ1

Briefly describe the purpose and application of the Risk Management Framework. How does this differ from the Cyber Security Framework? Which would you recommend and why?

Reply to responses.

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

A Aaron

Evening,

The Risk Management Framework (RMF) was first intended for federal agencies but soon was adopted by organization that were in the private sector. A business can’t operate with out exposing themselves to so sort of risks like IT problems, Litigation and Loss of Capitol (Posey, 2021). The RMF is made up of five components, that are Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance. The Identification stage is to identify the risks that an organization might have, and this process is not a one-time thing as these risks might change over time. Measurement and assessment are when you create a risk profile for each that was identified in the first step and the measurement can be in the form of how much capital could be lost. Mitigation is by examining the risks and determining which risks should be eliminated and which risks are acceptable. Reporting and monitoring involves reexamining the risks to make sure the mitigation strategies the organization have adopted are serving their purposes. Governance is the process of making sure the adoption of the mitigation strategies is in place and that the employees are following the policies. RMF is more targeted towards the federal government and CSF was originally developed for critical infrastructure but has been recommended for use in organizations. CSF is aimed towards the private sector more than the federal government and does not have any Authorizing Officials (AOs) or an Authority to Operate (ATO) which RMF has ATOs to determine the authorized periods required for approval by and AO. NIST recommends that the CSF be used to strengthen the RMF. I would say that I would use the RMF to first get the framework in place then start implementing the CSF. Both of the frameworks have two entirely different end goals.

Posey, B. (2021) What is risk management and why is it important? Retrieved from 

https://www.techtarget.com/searchcio/definition/Risk-Management-Framework-RMF#:

~:text=The%20Risk%20Management%20Framework%20is,of%20the%20United%20States%20government

.

430 W5 DQ1 RESPONSES CONTINUATION

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

B Cody

Hello everyone,

“The Risk Management Framework is a template and guideline used by companies to identify, eliminate and minimize risks. It was originally developed by the National Institute of Standards and Technology to help protect the information systems of the United States government” (Posey, 2021). The Risk Management Framework is simply used periodically to identify and organize risks to an organization. The National Institute of Standards and Technology also created the Cybersecurity Framework. “The Framework integrates industry standards and best practices to help organizations manage their cybersecurity risks” (Swenson, 2022). These are very similar in that they both were created by NIST to help organizations identify, categorize, and to help mitigate risks but they are different in that The Risk Management Framework deals with more overarching risks regarding organizations and the Cybersecurity Framework deals only specifically with cybersecurity threats. I would recommend for an organization to use all of these frameworks since the Cybersecurity Framework would deal with cybersecurity threats and the RMF would cover strategic, legal, operational, and privacy risks.

C Jacob

Good evening Professor Ligon and class,

Risk Management Framework (RMF) is an established set of components (Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance) and steps (Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor) that help companies to identify, eliminate, and minimize risks. These guidelines were originally created by the National Institute of Standards and Technology (NIST) to help protect information systems within the U.S. “Businesses cannot exist without exposing themselves to risks such as IT problems, litigation, and loss of capital” (Posey, 2021). No risk can be totally gotten rid of, there will always be a need for risks. All we can do is mitigate them. This concept benefits businesses by minimizing the risks that are out there which in end lowers the legal spotlight and increases profits.   

Cyber Security Framework (CSF) and RMF are often mixed around when IT professionals are discussing them. When RMF was originally created by NIST, its target audience was the federal government. This is still true today, although private organizations have seen the benefits of RMF and have started to incorporate the guideline into their IT plans. CSF has been created for more critical infrastructures, such as transportation or public utilities. CSF is also suitable for an “Organization of any size, degree of cybersecurity risk, or cybersecurity sophistication” (Webb, 2017). CSF has not been created to replace RMF, it is another tool that organizations have at their disposal to deal with risks associated with the IT field.

430 W5 DQ1

Briefly describe the purpose and application of the Risk Management Framework. How does this differ from the Cyber Security Framework? Which would you recommend and why?

Reply to responses.

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

A Aaron

Evening,

The Risk Management Framework (RMF) was first intended for federal agencies but soon was adopted by organization that were in the private sector. A business can’t operate with out exposing themselves to so sort of risks like IT problems, Litigation and Loss of Capitol (Posey, 2021). The RMF is made up of five components, that are Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance. The Identification stage is to identify the risks that an organization might have, and this process is not a one-time thing as these risks might change over time. Measurement and assessment are when you create a risk profile for each that was identified in the first step and the measurement can be in the form of how much capital could be lost. Mitigation is by examining the risks and determining which risks should be eliminated and which risks are acceptable. Reporting and monitoring involves reexamining the risks to make sure the mitigation strategies the organization have adopted are serving their purposes. Governance is the process of making sure the adoption of the mitigation strategies is in place and that the employees are following the policies. RMF is more targeted towards the federal government and CSF was originally developed for critical infrastructure but has been recommended for use in organizations. CSF is aimed towards the private sector more than the federal government and does not have any Authorizing Officials (AOs) or an Authority to Operate (ATO) which RMF has ATOs to determine the authorized periods required for approval by and AO. NIST recommends that the CSF be used to strengthen the RMF. I would say that I would use the RMF to first get the framework in place then start implementing the CSF. Both of the frameworks have two entirely different end goals.

Posey, B. (2021) What is risk management and why is it important? Retrieved from 

https://www.techtarget.com/searchcio/definition/Risk-Management-Framework-RMF#:

~:text=The%20Risk%20Management%20Framework%20is,of%20the%20United%20States%20government

.

430 W5 DQ1 RESPONSES CONTINUATION

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

B Cody

Hello everyone,

“The Risk Management Framework is a template and guideline used by companies to identify, eliminate and minimize risks. It was originally developed by the National Institute of Standards and Technology to help protect the information systems of the United States government” (Posey, 2021). The Risk Management Framework is simply used periodically to identify and organize risks to an organization. The National Institute of Standards and Technology also created the Cybersecurity Framework. “The Framework integrates industry standards and best practices to help organizations manage their cybersecurity risks” (Swenson, 2022). These are very similar in that they both were created by NIST to help organizations identify, categorize, and to help mitigate risks but they are different in that The Risk Management Framework deals with more overarching risks regarding organizations and the Cybersecurity Framework deals only specifically with cybersecurity threats. I would recommend for an organization to use all of these frameworks since the Cybersecurity Framework would deal with cybersecurity threats and the RMF would cover strategic, legal, operational, and privacy risks.

C Jacob

Good evening Professor Ligon and class,

Risk Management Framework (RMF) is an established set of components (Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance) and steps (Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor) that help companies to identify, eliminate, and minimize risks. These guidelines were originally created by the National Institute of Standards and Technology (NIST) to help protect information systems within the U.S. “Businesses cannot exist without exposing themselves to risks such as IT problems, litigation, and loss of capital” (Posey, 2021). No risk can be totally gotten rid of, there will always be a need for risks. All we can do is mitigate them. This concept benefits businesses by minimizing the risks that are out there which in end lowers the legal spotlight and increases profits.   

Cyber Security Framework (CSF) and RMF are often mixed around when IT professionals are discussing them. When RMF was originally created by NIST, its target audience was the federal government. This is still true today, although private organizations have seen the benefits of RMF and have started to incorporate the guideline into their IT plans. CSF has been created for more critical infrastructures, such as transportation or public utilities. CSF is also suitable for an “Organization of any size, degree of cybersecurity risk, or cybersecurity sophistication” (Webb, 2017). CSF has not been created to replace RMF, it is another tool that organizations have at their disposal to deal with risks associated with the IT field.

430 W5 DQ1

Briefly describe the purpose and application of the Risk Management Framework. How does this differ from the Cyber Security Framework? Which would you recommend and why?

Reply to responses.

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

A Aaron

Evening,

The Risk Management Framework (RMF) was first intended for federal agencies but soon was adopted by organization that were in the private sector. A business can’t operate with out exposing themselves to so sort of risks like IT problems, Litigation and Loss of Capitol (Posey, 2021). The RMF is made up of five components, that are Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance. The Identification stage is to identify the risks that an organization might have, and this process is not a one-time thing as these risks might change over time. Measurement and assessment are when you create a risk profile for each that was identified in the first step and the measurement can be in the form of how much capital could be lost. Mitigation is by examining the risks and determining which risks should be eliminated and which risks are acceptable. Reporting and monitoring involves reexamining the risks to make sure the mitigation strategies the organization have adopted are serving their purposes. Governance is the process of making sure the adoption of the mitigation strategies is in place and that the employees are following the policies. RMF is more targeted towards the federal government and CSF was originally developed for critical infrastructure but has been recommended for use in organizations. CSF is aimed towards the private sector more than the federal government and does not have any Authorizing Officials (AOs) or an Authority to Operate (ATO) which RMF has ATOs to determine the authorized periods required for approval by and AO. NIST recommends that the CSF be used to strengthen the RMF. I would say that I would use the RMF to first get the framework in place then start implementing the CSF. Both of the frameworks have two entirely different end goals.

Posey, B. (2021) What is risk management and why is it important? Retrieved from 

https://www.techtarget.com/searchcio/definition/Risk-Management-Framework-RMF#:

~:text=The%20Risk%20Management%20Framework%20is,of%20the%20United%20States%20government

.

430 W5 DQ1 RESPONSES CONTINUATION

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

B Cody

Hello everyone,

“The Risk Management Framework is a template and guideline used by companies to identify, eliminate and minimize risks. It was originally developed by the National Institute of Standards and Technology to help protect the information systems of the United States government” (Posey, 2021). The Risk Management Framework is simply used periodically to identify and organize risks to an organization. The National Institute of Standards and Technology also created the Cybersecurity Framework. “The Framework integrates industry standards and best practices to help organizations manage their cybersecurity risks” (Swenson, 2022). These are very similar in that they both were created by NIST to help organizations identify, categorize, and to help mitigate risks but they are different in that The Risk Management Framework deals with more overarching risks regarding organizations and the Cybersecurity Framework deals only specifically with cybersecurity threats. I would recommend for an organization to use all of these frameworks since the Cybersecurity Framework would deal with cybersecurity threats and the RMF would cover strategic, legal, operational, and privacy risks.

C Jacob

Good evening Professor Ligon and class,

Risk Management Framework (RMF) is an established set of components (Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance) and steps (Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor) that help companies to identify, eliminate, and minimize risks. These guidelines were originally created by the National Institute of Standards and Technology (NIST) to help protect information systems within the U.S. “Businesses cannot exist without exposing themselves to risks such as IT problems, litigation, and loss of capital” (Posey, 2021). No risk can be totally gotten rid of, there will always be a need for risks. All we can do is mitigate them. This concept benefits businesses by minimizing the risks that are out there which in end lowers the legal spotlight and increases profits.   

Cyber Security Framework (CSF) and RMF are often mixed around when IT professionals are discussing them. When RMF was originally created by NIST, its target audience was the federal government. This is still true today, although private organizations have seen the benefits of RMF and have started to incorporate the guideline into their IT plans. CSF has been created for more critical infrastructures, such as transportation or public utilities. CSF is also suitable for an “Organization of any size, degree of cybersecurity risk, or cybersecurity sophistication” (Webb, 2017). CSF has not been created to replace RMF, it is another tool that organizations have at their disposal to deal with risks associated with the IT field.

430 W5 DQ1

Briefly describe the purpose and application of the Risk Management Framework. How does this differ from the Cyber Security Framework? Which would you recommend and why?

Reply to responses.

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

A Aaron

Evening,

The Risk Management Framework (RMF) was first intended for federal agencies but soon was adopted by organization that were in the private sector. A business can’t operate with out exposing themselves to so sort of risks like IT problems, Litigation and Loss of Capitol (Posey, 2021). The RMF is made up of five components, that are Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance. The Identification stage is to identify the risks that an organization might have, and this process is not a one-time thing as these risks might change over time. Measurement and assessment are when you create a risk profile for each that was identified in the first step and the measurement can be in the form of how much capital could be lost. Mitigation is by examining the risks and determining which risks should be eliminated and which risks are acceptable. Reporting and monitoring involves reexamining the risks to make sure the mitigation strategies the organization have adopted are serving their purposes. Governance is the process of making sure the adoption of the mitigation strategies is in place and that the employees are following the policies. RMF is more targeted towards the federal government and CSF was originally developed for critical infrastructure but has been recommended for use in organizations. CSF is aimed towards the private sector more than the federal government and does not have any Authorizing Officials (AOs) or an Authority to Operate (ATO) which RMF has ATOs to determine the authorized periods required for approval by and AO. NIST recommends that the CSF be used to strengthen the RMF. I would say that I would use the RMF to first get the framework in place then start implementing the CSF. Both of the frameworks have two entirely different end goals.

Posey, B. (2021) What is risk management and why is it important? Retrieved from 

https://www.techtarget.com/searchcio/definition/Risk-Management-Framework-RMF#:

~:text=The%20Risk%20Management%20Framework%20is,of%20the%20United%20States%20government

.

430 W5 DQ1 RESPONSES CONTINUATION

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

B Cody

Hello everyone,

“The Risk Management Framework is a template and guideline used by companies to identify, eliminate and minimize risks. It was originally developed by the National Institute of Standards and Technology to help protect the information systems of the United States government” (Posey, 2021). The Risk Management Framework is simply used periodically to identify and organize risks to an organization. The National Institute of Standards and Technology also created the Cybersecurity Framework. “The Framework integrates industry standards and best practices to help organizations manage their cybersecurity risks” (Swenson, 2022). These are very similar in that they both were created by NIST to help organizations identify, categorize, and to help mitigate risks but they are different in that The Risk Management Framework deals with more overarching risks regarding organizations and the Cybersecurity Framework deals only specifically with cybersecurity threats. I would recommend for an organization to use all of these frameworks since the Cybersecurity Framework would deal with cybersecurity threats and the RMF would cover strategic, legal, operational, and privacy risks.

C Jacob

Good evening Professor Ligon and class,

Risk Management Framework (RMF) is an established set of components (Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance) and steps (Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor) that help companies to identify, eliminate, and minimize risks. These guidelines were originally created by the National Institute of Standards and Technology (NIST) to help protect information systems within the U.S. “Businesses cannot exist without exposing themselves to risks such as IT problems, litigation, and loss of capital” (Posey, 2021). No risk can be totally gotten rid of, there will always be a need for risks. All we can do is mitigate them. This concept benefits businesses by minimizing the risks that are out there which in end lowers the legal spotlight and increases profits.   

Cyber Security Framework (CSF) and RMF are often mixed around when IT professionals are discussing them. When RMF was originally created by NIST, its target audience was the federal government. This is still true today, although private organizations have seen the benefits of RMF and have started to incorporate the guideline into their IT plans. CSF has been created for more critical infrastructures, such as transportation or public utilities. CSF is also suitable for an “Organization of any size, degree of cybersecurity risk, or cybersecurity sophistication” (Webb, 2017). CSF has not been created to replace RMF, it is another tool that organizations have at their disposal to deal with risks associated with the IT field.

430 W5 DQ1

Briefly describe the purpose and application of the Risk Management Framework. How does this differ from the Cyber Security Framework? Which would you recommend and why?

Reply to responses.

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

A Aaron

Evening,

The Risk Management Framework (RMF) was first intended for federal agencies but soon was adopted by organization that were in the private sector. A business can’t operate with out exposing themselves to so sort of risks like IT problems, Litigation and Loss of Capitol (Posey, 2021). The RMF is made up of five components, that are Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance. The Identification stage is to identify the risks that an organization might have, and this process is not a one-time thing as these risks might change over time. Measurement and assessment are when you create a risk profile for each that was identified in the first step and the measurement can be in the form of how much capital could be lost. Mitigation is by examining the risks and determining which risks should be eliminated and which risks are acceptable. Reporting and monitoring involves reexamining the risks to make sure the mitigation strategies the organization have adopted are serving their purposes. Governance is the process of making sure the adoption of the mitigation strategies is in place and that the employees are following the policies. RMF is more targeted towards the federal government and CSF was originally developed for critical infrastructure but has been recommended for use in organizations. CSF is aimed towards the private sector more than the federal government and does not have any Authorizing Officials (AOs) or an Authority to Operate (ATO) which RMF has ATOs to determine the authorized periods required for approval by and AO. NIST recommends that the CSF be used to strengthen the RMF. I would say that I would use the RMF to first get the framework in place then start implementing the CSF. Both of the frameworks have two entirely different end goals.

Posey, B. (2021) What is risk management and why is it important? Retrieved from 

https://www.techtarget.com/searchcio/definition/Risk-Management-Framework-RMF#:

~:text=The%20Risk%20Management%20Framework%20is,of%20the%20United%20States%20government

.

430 W5 DQ1 RESPONSES CONTINUATION

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

B Cody

Hello everyone,

“The Risk Management Framework is a template and guideline used by companies to identify, eliminate and minimize risks. It was originally developed by the National Institute of Standards and Technology to help protect the information systems of the United States government” (Posey, 2021). The Risk Management Framework is simply used periodically to identify and organize risks to an organization. The National Institute of Standards and Technology also created the Cybersecurity Framework. “The Framework integrates industry standards and best practices to help organizations manage their cybersecurity risks” (Swenson, 2022). These are very similar in that they both were created by NIST to help organizations identify, categorize, and to help mitigate risks but they are different in that The Risk Management Framework deals with more overarching risks regarding organizations and the Cybersecurity Framework deals only specifically with cybersecurity threats. I would recommend for an organization to use all of these frameworks since the Cybersecurity Framework would deal with cybersecurity threats and the RMF would cover strategic, legal, operational, and privacy risks.

C Jacob

Good evening Professor Ligon and class,

Risk Management Framework (RMF) is an established set of components (Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance) and steps (Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor) that help companies to identify, eliminate, and minimize risks. These guidelines were originally created by the National Institute of Standards and Technology (NIST) to help protect information systems within the U.S. “Businesses cannot exist without exposing themselves to risks such as IT problems, litigation, and loss of capital” (Posey, 2021). No risk can be totally gotten rid of, there will always be a need for risks. All we can do is mitigate them. This concept benefits businesses by minimizing the risks that are out there which in end lowers the legal spotlight and increases profits.   

Cyber Security Framework (CSF) and RMF are often mixed around when IT professionals are discussing them. When RMF was originally created by NIST, its target audience was the federal government. This is still true today, although private organizations have seen the benefits of RMF and have started to incorporate the guideline into their IT plans. CSF has been created for more critical infrastructures, such as transportation or public utilities. CSF is also suitable for an “Organization of any size, degree of cybersecurity risk, or cybersecurity sophistication” (Webb, 2017). CSF has not been created to replace RMF, it is another tool that organizations have at their disposal to deal with risks associated with the IT field.

430 W5 DQ1

Briefly describe the purpose and application of the Risk Management Framework. How does this differ from the Cyber Security Framework? Which would you recommend and why?

Reply to responses.

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

A Aaron

Evening,

The Risk Management Framework (RMF) was first intended for federal agencies but soon was adopted by organization that were in the private sector. A business can’t operate with out exposing themselves to so sort of risks like IT problems, Litigation and Loss of Capitol (Posey, 2021). The RMF is made up of five components, that are Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance. The Identification stage is to identify the risks that an organization might have, and this process is not a one-time thing as these risks might change over time. Measurement and assessment are when you create a risk profile for each that was identified in the first step and the measurement can be in the form of how much capital could be lost. Mitigation is by examining the risks and determining which risks should be eliminated and which risks are acceptable. Reporting and monitoring involves reexamining the risks to make sure the mitigation strategies the organization have adopted are serving their purposes. Governance is the process of making sure the adoption of the mitigation strategies is in place and that the employees are following the policies. RMF is more targeted towards the federal government and CSF was originally developed for critical infrastructure but has been recommended for use in organizations. CSF is aimed towards the private sector more than the federal government and does not have any Authorizing Officials (AOs) or an Authority to Operate (ATO) which RMF has ATOs to determine the authorized periods required for approval by and AO. NIST recommends that the CSF be used to strengthen the RMF. I would say that I would use the RMF to first get the framework in place then start implementing the CSF. Both of the frameworks have two entirely different end goals.

Posey, B. (2021) What is risk management and why is it important? Retrieved from 

https://www.techtarget.com/searchcio/definition/Risk-Management-Framework-RMF#:

~:text=The%20Risk%20Management%20Framework%20is,of%20the%20United%20States%20government

.

430 W5 DQ1 RESPONSES CONTINUATION

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

B Cody

Hello everyone,

“The Risk Management Framework is a template and guideline used by companies to identify, eliminate and minimize risks. It was originally developed by the National Institute of Standards and Technology to help protect the information systems of the United States government” (Posey, 2021). The Risk Management Framework is simply used periodically to identify and organize risks to an organization. The National Institute of Standards and Technology also created the Cybersecurity Framework. “The Framework integrates industry standards and best practices to help organizations manage their cybersecurity risks” (Swenson, 2022). These are very similar in that they both were created by NIST to help organizations identify, categorize, and to help mitigate risks but they are different in that The Risk Management Framework deals with more overarching risks regarding organizations and the Cybersecurity Framework deals only specifically with cybersecurity threats. I would recommend for an organization to use all of these frameworks since the Cybersecurity Framework would deal with cybersecurity threats and the RMF would cover strategic, legal, operational, and privacy risks.

C Jacob

Good evening Professor Ligon and class,

Risk Management Framework (RMF) is an established set of components (Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance) and steps (Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor) that help companies to identify, eliminate, and minimize risks. These guidelines were originally created by the National Institute of Standards and Technology (NIST) to help protect information systems within the U.S. “Businesses cannot exist without exposing themselves to risks such as IT problems, litigation, and loss of capital” (Posey, 2021). No risk can be totally gotten rid of, there will always be a need for risks. All we can do is mitigate them. This concept benefits businesses by minimizing the risks that are out there which in end lowers the legal spotlight and increases profits.   

Cyber Security Framework (CSF) and RMF are often mixed around when IT professionals are discussing them. When RMF was originally created by NIST, its target audience was the federal government. This is still true today, although private organizations have seen the benefits of RMF and have started to incorporate the guideline into their IT plans. CSF has been created for more critical infrastructures, such as transportation or public utilities. CSF is also suitable for an “Organization of any size, degree of cybersecurity risk, or cybersecurity sophistication” (Webb, 2017). CSF has not been created to replace RMF, it is another tool that organizations have at their disposal to deal with risks associated with the IT field.

430 W5 DQ1

Briefly describe the purpose and application of the Risk Management Framework. How does this differ from the Cyber Security Framework? Which would you recommend and why?

Reply to responses.

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

A Aaron

Evening,

The Risk Management Framework (RMF) was first intended for federal agencies but soon was adopted by organization that were in the private sector. A business can’t operate with out exposing themselves to so sort of risks like IT problems, Litigation and Loss of Capitol (Posey, 2021). The RMF is made up of five components, that are Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance. The Identification stage is to identify the risks that an organization might have, and this process is not a one-time thing as these risks might change over time. Measurement and assessment are when you create a risk profile for each that was identified in the first step and the measurement can be in the form of how much capital could be lost. Mitigation is by examining the risks and determining which risks should be eliminated and which risks are acceptable. Reporting and monitoring involves reexamining the risks to make sure the mitigation strategies the organization have adopted are serving their purposes. Governance is the process of making sure the adoption of the mitigation strategies is in place and that the employees are following the policies. RMF is more targeted towards the federal government and CSF was originally developed for critical infrastructure but has been recommended for use in organizations. CSF is aimed towards the private sector more than the federal government and does not have any Authorizing Officials (AOs) or an Authority to Operate (ATO) which RMF has ATOs to determine the authorized periods required for approval by and AO. NIST recommends that the CSF be used to strengthen the RMF. I would say that I would use the RMF to first get the framework in place then start implementing the CSF. Both of the frameworks have two entirely different end goals.

Posey, B. (2021) What is risk management and why is it important? Retrieved from 

https://www.techtarget.com/searchcio/definition/Risk-Management-Framework-RMF#:

~:text=The%20Risk%20Management%20Framework%20is,of%20the%20United%20States%20government

.

430 W5 DQ1 RESPONSES CONTINUATION

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

B Cody

Hello everyone,

“The Risk Management Framework is a template and guideline used by companies to identify, eliminate and minimize risks. It was originally developed by the National Institute of Standards and Technology to help protect the information systems of the United States government” (Posey, 2021). The Risk Management Framework is simply used periodically to identify and organize risks to an organization. The National Institute of Standards and Technology also created the Cybersecurity Framework. “The Framework integrates industry standards and best practices to help organizations manage their cybersecurity risks” (Swenson, 2022). These are very similar in that they both were created by NIST to help organizations identify, categorize, and to help mitigate risks but they are different in that The Risk Management Framework deals with more overarching risks regarding organizations and the Cybersecurity Framework deals only specifically with cybersecurity threats. I would recommend for an organization to use all of these frameworks since the Cybersecurity Framework would deal with cybersecurity threats and the RMF would cover strategic, legal, operational, and privacy risks.

C Jacob

Good evening Professor Ligon and class,

Risk Management Framework (RMF) is an established set of components (Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance) and steps (Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor) that help companies to identify, eliminate, and minimize risks. These guidelines were originally created by the National Institute of Standards and Technology (NIST) to help protect information systems within the U.S. “Businesses cannot exist without exposing themselves to risks such as IT problems, litigation, and loss of capital” (Posey, 2021). No risk can be totally gotten rid of, there will always be a need for risks. All we can do is mitigate them. This concept benefits businesses by minimizing the risks that are out there which in end lowers the legal spotlight and increases profits.   

Cyber Security Framework (CSF) and RMF are often mixed around when IT professionals are discussing them. When RMF was originally created by NIST, its target audience was the federal government. This is still true today, although private organizations have seen the benefits of RMF and have started to incorporate the guideline into their IT plans. CSF has been created for more critical infrastructures, such as transportation or public utilities. CSF is also suitable for an “Organization of any size, degree of cybersecurity risk, or cybersecurity sophistication” (Webb, 2017). CSF has not been created to replace RMF, it is another tool that organizations have at their disposal to deal with risks associated with the IT field.

430 W5 DQ1

Briefly describe the purpose and application of the Risk Management Framework. How does this differ from the Cyber Security Framework? Which would you recommend and why?

Reply to responses.

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

A Aaron

Evening,

The Risk Management Framework (RMF) was first intended for federal agencies but soon was adopted by organization that were in the private sector. A business can’t operate with out exposing themselves to so sort of risks like IT problems, Litigation and Loss of Capitol (Posey, 2021). The RMF is made up of five components, that are Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance. The Identification stage is to identify the risks that an organization might have, and this process is not a one-time thing as these risks might change over time. Measurement and assessment are when you create a risk profile for each that was identified in the first step and the measurement can be in the form of how much capital could be lost. Mitigation is by examining the risks and determining which risks should be eliminated and which risks are acceptable. Reporting and monitoring involves reexamining the risks to make sure the mitigation strategies the organization have adopted are serving their purposes. Governance is the process of making sure the adoption of the mitigation strategies is in place and that the employees are following the policies. RMF is more targeted towards the federal government and CSF was originally developed for critical infrastructure but has been recommended for use in organizations. CSF is aimed towards the private sector more than the federal government and does not have any Authorizing Officials (AOs) or an Authority to Operate (ATO) which RMF has ATOs to determine the authorized periods required for approval by and AO. NIST recommends that the CSF be used to strengthen the RMF. I would say that I would use the RMF to first get the framework in place then start implementing the CSF. Both of the frameworks have two entirely different end goals.

Posey, B. (2021) What is risk management and why is it important? Retrieved from 

https://www.techtarget.com/searchcio/definition/Risk-Management-Framework-RMF#:

~:text=The%20Risk%20Management%20Framework%20is,of%20the%20United%20States%20government

.

430 W5 DQ1 RESPONSES CONTINUATION

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

B Cody

Hello everyone,

“The Risk Management Framework is a template and guideline used by companies to identify, eliminate and minimize risks. It was originally developed by the National Institute of Standards and Technology to help protect the information systems of the United States government” (Posey, 2021). The Risk Management Framework is simply used periodically to identify and organize risks to an organization. The National Institute of Standards and Technology also created the Cybersecurity Framework. “The Framework integrates industry standards and best practices to help organizations manage their cybersecurity risks” (Swenson, 2022). These are very similar in that they both were created by NIST to help organizations identify, categorize, and to help mitigate risks but they are different in that The Risk Management Framework deals with more overarching risks regarding organizations and the Cybersecurity Framework deals only specifically with cybersecurity threats. I would recommend for an organization to use all of these frameworks since the Cybersecurity Framework would deal with cybersecurity threats and the RMF would cover strategic, legal, operational, and privacy risks.

C Jacob

Good evening Professor Ligon and class,

Risk Management Framework (RMF) is an established set of components (Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance) and steps (Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor) that help companies to identify, eliminate, and minimize risks. These guidelines were originally created by the National Institute of Standards and Technology (NIST) to help protect information systems within the U.S. “Businesses cannot exist without exposing themselves to risks such as IT problems, litigation, and loss of capital” (Posey, 2021). No risk can be totally gotten rid of, there will always be a need for risks. All we can do is mitigate them. This concept benefits businesses by minimizing the risks that are out there which in end lowers the legal spotlight and increases profits.   

Cyber Security Framework (CSF) and RMF are often mixed around when IT professionals are discussing them. When RMF was originally created by NIST, its target audience was the federal government. This is still true today, although private organizations have seen the benefits of RMF and have started to incorporate the guideline into their IT plans. CSF has been created for more critical infrastructures, such as transportation or public utilities. CSF is also suitable for an “Organization of any size, degree of cybersecurity risk, or cybersecurity sophistication” (Webb, 2017). CSF has not been created to replace RMF, it is another tool that organizations have at their disposal to deal with risks associated with the IT field.

430 W5 DQ1

Briefly describe the purpose and application of the Risk Management Framework. How does this differ from the Cyber Security Framework? Which would you recommend and why?

Reply to responses.

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

A Aaron

Evening,

The Risk Management Framework (RMF) was first intended for federal agencies but soon was adopted by organization that were in the private sector. A business can’t operate with out exposing themselves to so sort of risks like IT problems, Litigation and Loss of Capitol (Posey, 2021). The RMF is made up of five components, that are Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance. The Identification stage is to identify the risks that an organization might have, and this process is not a one-time thing as these risks might change over time. Measurement and assessment are when you create a risk profile for each that was identified in the first step and the measurement can be in the form of how much capital could be lost. Mitigation is by examining the risks and determining which risks should be eliminated and which risks are acceptable. Reporting and monitoring involves reexamining the risks to make sure the mitigation strategies the organization have adopted are serving their purposes. Governance is the process of making sure the adoption of the mitigation strategies is in place and that the employees are following the policies. RMF is more targeted towards the federal government and CSF was originally developed for critical infrastructure but has been recommended for use in organizations. CSF is aimed towards the private sector more than the federal government and does not have any Authorizing Officials (AOs) or an Authority to Operate (ATO) which RMF has ATOs to determine the authorized periods required for approval by and AO. NIST recommends that the CSF be used to strengthen the RMF. I would say that I would use the RMF to first get the framework in place then start implementing the CSF. Both of the frameworks have two entirely different end goals.

Posey, B. (2021) What is risk management and why is it important? Retrieved from 

https://www.techtarget.com/searchcio/definition/Risk-Management-Framework-RMF#:

~:text=The%20Risk%20Management%20Framework%20is,of%20the%20United%20States%20government

.

430 W5 DQ1 RESPONSES CONTINUATION

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

B Cody

Hello everyone,

“The Risk Management Framework is a template and guideline used by companies to identify, eliminate and minimize risks. It was originally developed by the National Institute of Standards and Technology to help protect the information systems of the United States government” (Posey, 2021). The Risk Management Framework is simply used periodically to identify and organize risks to an organization. The National Institute of Standards and Technology also created the Cybersecurity Framework. “The Framework integrates industry standards and best practices to help organizations manage their cybersecurity risks” (Swenson, 2022). These are very similar in that they both were created by NIST to help organizations identify, categorize, and to help mitigate risks but they are different in that The Risk Management Framework deals with more overarching risks regarding organizations and the Cybersecurity Framework deals only specifically with cybersecurity threats. I would recommend for an organization to use all of these frameworks since the Cybersecurity Framework would deal with cybersecurity threats and the RMF would cover strategic, legal, operational, and privacy risks.

C Jacob

Good evening Professor Ligon and class,

Risk Management Framework (RMF) is an established set of components (Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance) and steps (Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor) that help companies to identify, eliminate, and minimize risks. These guidelines were originally created by the National Institute of Standards and Technology (NIST) to help protect information systems within the U.S. “Businesses cannot exist without exposing themselves to risks such as IT problems, litigation, and loss of capital” (Posey, 2021). No risk can be totally gotten rid of, there will always be a need for risks. All we can do is mitigate them. This concept benefits businesses by minimizing the risks that are out there which in end lowers the legal spotlight and increases profits.   

Cyber Security Framework (CSF) and RMF are often mixed around when IT professionals are discussing them. When RMF was originally created by NIST, its target audience was the federal government. This is still true today, although private organizations have seen the benefits of RMF and have started to incorporate the guideline into their IT plans. CSF has been created for more critical infrastructures, such as transportation or public utilities. CSF is also suitable for an “Organization of any size, degree of cybersecurity risk, or cybersecurity sophistication” (Webb, 2017). CSF has not been created to replace RMF, it is another tool that organizations have at their disposal to deal with risks associated with the IT field.

430 W5 DQ1

Briefly describe the purpose and application of the Risk Management Framework. How does this differ from the Cyber Security Framework? Which would you recommend and why?

Reply to responses.

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

A Aaron

Evening,

The Risk Management Framework (RMF) was first intended for federal agencies but soon was adopted by organization that were in the private sector. A business can’t operate with out exposing themselves to so sort of risks like IT problems, Litigation and Loss of Capitol (Posey, 2021). The RMF is made up of five components, that are Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance. The Identification stage is to identify the risks that an organization might have, and this process is not a one-time thing as these risks might change over time. Measurement and assessment are when you create a risk profile for each that was identified in the first step and the measurement can be in the form of how much capital could be lost. Mitigation is by examining the risks and determining which risks should be eliminated and which risks are acceptable. Reporting and monitoring involves reexamining the risks to make sure the mitigation strategies the organization have adopted are serving their purposes. Governance is the process of making sure the adoption of the mitigation strategies is in place and that the employees are following the policies. RMF is more targeted towards the federal government and CSF was originally developed for critical infrastructure but has been recommended for use in organizations. CSF is aimed towards the private sector more than the federal government and does not have any Authorizing Officials (AOs) or an Authority to Operate (ATO) which RMF has ATOs to determine the authorized periods required for approval by and AO. NIST recommends that the CSF be used to strengthen the RMF. I would say that I would use the RMF to first get the framework in place then start implementing the CSF. Both of the frameworks have two entirely different end goals.

Posey, B. (2021) What is risk management and why is it important? Retrieved from 

https://www.techtarget.com/searchcio/definition/Risk-Management-Framework-RMF#:

~:text=The%20Risk%20Management%20Framework%20is,of%20the%20United%20States%20government

.

430 W5 DQ1 RESPONSES CONTINUATION

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

B Cody

Hello everyone,

“The Risk Management Framework is a template and guideline used by companies to identify, eliminate and minimize risks. It was originally developed by the National Institute of Standards and Technology to help protect the information systems of the United States government” (Posey, 2021). The Risk Management Framework is simply used periodically to identify and organize risks to an organization. The National Institute of Standards and Technology also created the Cybersecurity Framework. “The Framework integrates industry standards and best practices to help organizations manage their cybersecurity risks” (Swenson, 2022). These are very similar in that they both were created by NIST to help organizations identify, categorize, and to help mitigate risks but they are different in that The Risk Management Framework deals with more overarching risks regarding organizations and the Cybersecurity Framework deals only specifically with cybersecurity threats. I would recommend for an organization to use all of these frameworks since the Cybersecurity Framework would deal with cybersecurity threats and the RMF would cover strategic, legal, operational, and privacy risks.

C Jacob

Good evening Professor Ligon and class,

Risk Management Framework (RMF) is an established set of components (Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance) and steps (Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor) that help companies to identify, eliminate, and minimize risks. These guidelines were originally created by the National Institute of Standards and Technology (NIST) to help protect information systems within the U.S. “Businesses cannot exist without exposing themselves to risks such as IT problems, litigation, and loss of capital” (Posey, 2021). No risk can be totally gotten rid of, there will always be a need for risks. All we can do is mitigate them. This concept benefits businesses by minimizing the risks that are out there which in end lowers the legal spotlight and increases profits.   

Cyber Security Framework (CSF) and RMF are often mixed around when IT professionals are discussing them. When RMF was originally created by NIST, its target audience was the federal government. This is still true today, although private organizations have seen the benefits of RMF and have started to incorporate the guideline into their IT plans. CSF has been created for more critical infrastructures, such as transportation or public utilities. CSF is also suitable for an “Organization of any size, degree of cybersecurity risk, or cybersecurity sophistication” (Webb, 2017). CSF has not been created to replace RMF, it is another tool that organizations have at their disposal to deal with risks associated with the IT field.

430 W5 DQ1

Briefly describe the purpose and application of the Risk Management Framework. How does this differ from the Cyber Security Framework? Which would you recommend and why?

Reply to responses.

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

A Aaron

Evening,

The Risk Management Framework (RMF) was first intended for federal agencies but soon was adopted by organization that were in the private sector. A business can’t operate with out exposing themselves to so sort of risks like IT problems, Litigation and Loss of Capitol (Posey, 2021). The RMF is made up of five components, that are Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance. The Identification stage is to identify the risks that an organization might have, and this process is not a one-time thing as these risks might change over time. Measurement and assessment are when you create a risk profile for each that was identified in the first step and the measurement can be in the form of how much capital could be lost. Mitigation is by examining the risks and determining which risks should be eliminated and which risks are acceptable. Reporting and monitoring involves reexamining the risks to make sure the mitigation strategies the organization have adopted are serving their purposes. Governance is the process of making sure the adoption of the mitigation strategies is in place and that the employees are following the policies. RMF is more targeted towards the federal government and CSF was originally developed for critical infrastructure but has been recommended for use in organizations. CSF is aimed towards the private sector more than the federal government and does not have any Authorizing Officials (AOs) or an Authority to Operate (ATO) which RMF has ATOs to determine the authorized periods required for approval by and AO. NIST recommends that the CSF be used to strengthen the RMF. I would say that I would use the RMF to first get the framework in place then start implementing the CSF. Both of the frameworks have two entirely different end goals.

Posey, B. (2021) What is risk management and why is it important? Retrieved from 

https://www.techtarget.com/searchcio/definition/Risk-Management-Framework-RMF#:

~:text=The%20Risk%20Management%20Framework%20is,of%20the%20United%20States%20government

.

430 W5 DQ1 RESPONSES CONTINUATION

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

B Cody

Hello everyone,

“The Risk Management Framework is a template and guideline used by companies to identify, eliminate and minimize risks. It was originally developed by the National Institute of Standards and Technology to help protect the information systems of the United States government” (Posey, 2021). The Risk Management Framework is simply used periodically to identify and organize risks to an organization. The National Institute of Standards and Technology also created the Cybersecurity Framework. “The Framework integrates industry standards and best practices to help organizations manage their cybersecurity risks” (Swenson, 2022). These are very similar in that they both were created by NIST to help organizations identify, categorize, and to help mitigate risks but they are different in that The Risk Management Framework deals with more overarching risks regarding organizations and the Cybersecurity Framework deals only specifically with cybersecurity threats. I would recommend for an organization to use all of these frameworks since the Cybersecurity Framework would deal with cybersecurity threats and the RMF would cover strategic, legal, operational, and privacy risks.

C Jacob

Good evening Professor Ligon and class,

Risk Management Framework (RMF) is an established set of components (Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance) and steps (Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor) that help companies to identify, eliminate, and minimize risks. These guidelines were originally created by the National Institute of Standards and Technology (NIST) to help protect information systems within the U.S. “Businesses cannot exist without exposing themselves to risks such as IT problems, litigation, and loss of capital” (Posey, 2021). No risk can be totally gotten rid of, there will always be a need for risks. All we can do is mitigate them. This concept benefits businesses by minimizing the risks that are out there which in end lowers the legal spotlight and increases profits.   

Cyber Security Framework (CSF) and RMF are often mixed around when IT professionals are discussing them. When RMF was originally created by NIST, its target audience was the federal government. This is still true today, although private organizations have seen the benefits of RMF and have started to incorporate the guideline into their IT plans. CSF has been created for more critical infrastructures, such as transportation or public utilities. CSF is also suitable for an “Organization of any size, degree of cybersecurity risk, or cybersecurity sophistication” (Webb, 2017). CSF has not been created to replace RMF, it is another tool that organizations have at their disposal to deal with risks associated with the IT field.

430 W5 DQ1

Briefly describe the purpose and application of the Risk Management Framework. How does this differ from the Cyber Security Framework? Which would you recommend and why?

Reply to responses.

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

A Aaron

Evening,

The Risk Management Framework (RMF) was first intended for federal agencies but soon was adopted by organization that were in the private sector. A business can’t operate with out exposing themselves to so sort of risks like IT problems, Litigation and Loss of Capitol (Posey, 2021). The RMF is made up of five components, that are Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance. The Identification stage is to identify the risks that an organization might have, and this process is not a one-time thing as these risks might change over time. Measurement and assessment are when you create a risk profile for each that was identified in the first step and the measurement can be in the form of how much capital could be lost. Mitigation is by examining the risks and determining which risks should be eliminated and which risks are acceptable. Reporting and monitoring involves reexamining the risks to make sure the mitigation strategies the organization have adopted are serving their purposes. Governance is the process of making sure the adoption of the mitigation strategies is in place and that the employees are following the policies. RMF is more targeted towards the federal government and CSF was originally developed for critical infrastructure but has been recommended for use in organizations. CSF is aimed towards the private sector more than the federal government and does not have any Authorizing Officials (AOs) or an Authority to Operate (ATO) which RMF has ATOs to determine the authorized periods required for approval by and AO. NIST recommends that the CSF be used to strengthen the RMF. I would say that I would use the RMF to first get the framework in place then start implementing the CSF. Both of the frameworks have two entirely different end goals.

Posey, B. (2021) What is risk management and why is it important? Retrieved from 

https://www.techtarget.com/searchcio/definition/Risk-Management-Framework-RMF#:

~:text=The%20Risk%20Management%20Framework%20is,of%20the%20United%20States%20government

.

430 W5 DQ1 RESPONSES CONTINUATION

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

B Cody

Hello everyone,

“The Risk Management Framework is a template and guideline used by companies to identify, eliminate and minimize risks. It was originally developed by the National Institute of Standards and Technology to help protect the information systems of the United States government” (Posey, 2021). The Risk Management Framework is simply used periodically to identify and organize risks to an organization. The National Institute of Standards and Technology also created the Cybersecurity Framework. “The Framework integrates industry standards and best practices to help organizations manage their cybersecurity risks” (Swenson, 2022). These are very similar in that they both were created by NIST to help organizations identify, categorize, and to help mitigate risks but they are different in that The Risk Management Framework deals with more overarching risks regarding organizations and the Cybersecurity Framework deals only specifically with cybersecurity threats. I would recommend for an organization to use all of these frameworks since the Cybersecurity Framework would deal with cybersecurity threats and the RMF would cover strategic, legal, operational, and privacy risks.

C Jacob

Good evening Professor Ligon and class,

Risk Management Framework (RMF) is an established set of components (Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance) and steps (Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor) that help companies to identify, eliminate, and minimize risks. These guidelines were originally created by the National Institute of Standards and Technology (NIST) to help protect information systems within the U.S. “Businesses cannot exist without exposing themselves to risks such as IT problems, litigation, and loss of capital” (Posey, 2021). No risk can be totally gotten rid of, there will always be a need for risks. All we can do is mitigate them. This concept benefits businesses by minimizing the risks that are out there which in end lowers the legal spotlight and increases profits.   

Cyber Security Framework (CSF) and RMF are often mixed around when IT professionals are discussing them. When RMF was originally created by NIST, its target audience was the federal government. This is still true today, although private organizations have seen the benefits of RMF and have started to incorporate the guideline into their IT plans. CSF has been created for more critical infrastructures, such as transportation or public utilities. CSF is also suitable for an “Organization of any size, degree of cybersecurity risk, or cybersecurity sophistication” (Webb, 2017). CSF has not been created to replace RMF, it is another tool that organizations have at their disposal to deal with risks associated with the IT field.

430 W5 DQ1

Briefly describe the purpose and application of the Risk Management Framework. How does this differ from the Cyber Security Framework? Which would you recommend and why?

Reply to responses.

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

A Aaron

Evening,

The Risk Management Framework (RMF) was first intended for federal agencies but soon was adopted by organization that were in the private sector. A business can’t operate with out exposing themselves to so sort of risks like IT problems, Litigation and Loss of Capitol (Posey, 2021). The RMF is made up of five components, that are Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance. The Identification stage is to identify the risks that an organization might have, and this process is not a one-time thing as these risks might change over time. Measurement and assessment are when you create a risk profile for each that was identified in the first step and the measurement can be in the form of how much capital could be lost. Mitigation is by examining the risks and determining which risks should be eliminated and which risks are acceptable. Reporting and monitoring involves reexamining the risks to make sure the mitigation strategies the organization have adopted are serving their purposes. Governance is the process of making sure the adoption of the mitigation strategies is in place and that the employees are following the policies. RMF is more targeted towards the federal government and CSF was originally developed for critical infrastructure but has been recommended for use in organizations. CSF is aimed towards the private sector more than the federal government and does not have any Authorizing Officials (AOs) or an Authority to Operate (ATO) which RMF has ATOs to determine the authorized periods required for approval by and AO. NIST recommends that the CSF be used to strengthen the RMF. I would say that I would use the RMF to first get the framework in place then start implementing the CSF. Both of the frameworks have two entirely different end goals.

Posey, B. (2021) What is risk management and why is it important? Retrieved from 

https://www.techtarget.com/searchcio/definition/Risk-Management-Framework-RMF#:

~:text=The%20Risk%20Management%20Framework%20is,of%20the%20United%20States%20government

.

430 W5 DQ1 RESPONSES CONTINUATION

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

B Cody

Hello everyone,

“The Risk Management Framework is a template and guideline used by companies to identify, eliminate and minimize risks. It was originally developed by the National Institute of Standards and Technology to help protect the information systems of the United States government” (Posey, 2021). The Risk Management Framework is simply used periodically to identify and organize risks to an organization. The National Institute of Standards and Technology also created the Cybersecurity Framework. “The Framework integrates industry standards and best practices to help organizations manage their cybersecurity risks” (Swenson, 2022). These are very similar in that they both were created by NIST to help organizations identify, categorize, and to help mitigate risks but they are different in that The Risk Management Framework deals with more overarching risks regarding organizations and the Cybersecurity Framework deals only specifically with cybersecurity threats. I would recommend for an organization to use all of these frameworks since the Cybersecurity Framework would deal with cybersecurity threats and the RMF would cover strategic, legal, operational, and privacy risks.

C Jacob

Good evening Professor Ligon and class,

Risk Management Framework (RMF) is an established set of components (Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance) and steps (Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor) that help companies to identify, eliminate, and minimize risks. These guidelines were originally created by the National Institute of Standards and Technology (NIST) to help protect information systems within the U.S. “Businesses cannot exist without exposing themselves to risks such as IT problems, litigation, and loss of capital” (Posey, 2021). No risk can be totally gotten rid of, there will always be a need for risks. All we can do is mitigate them. This concept benefits businesses by minimizing the risks that are out there which in end lowers the legal spotlight and increases profits.   

Cyber Security Framework (CSF) and RMF are often mixed around when IT professionals are discussing them. When RMF was originally created by NIST, its target audience was the federal government. This is still true today, although private organizations have seen the benefits of RMF and have started to incorporate the guideline into their IT plans. CSF has been created for more critical infrastructures, such as transportation or public utilities. CSF is also suitable for an “Organization of any size, degree of cybersecurity risk, or cybersecurity sophistication” (Webb, 2017). CSF has not been created to replace RMF, it is another tool that organizations have at their disposal to deal with risks associated with the IT field.

430 W5 DQ1

Briefly describe the purpose and application of the Risk Management Framework. How does this differ from the Cyber Security Framework? Which would you recommend and why?

Reply to responses.

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

A Aaron

Evening,

The Risk Management Framework (RMF) was first intended for federal agencies but soon was adopted by organization that were in the private sector. A business can’t operate with out exposing themselves to so sort of risks like IT problems, Litigation and Loss of Capitol (Posey, 2021). The RMF is made up of five components, that are Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance. The Identification stage is to identify the risks that an organization might have, and this process is not a one-time thing as these risks might change over time. Measurement and assessment are when you create a risk profile for each that was identified in the first step and the measurement can be in the form of how much capital could be lost. Mitigation is by examining the risks and determining which risks should be eliminated and which risks are acceptable. Reporting and monitoring involves reexamining the risks to make sure the mitigation strategies the organization have adopted are serving their purposes. Governance is the process of making sure the adoption of the mitigation strategies is in place and that the employees are following the policies. RMF is more targeted towards the federal government and CSF was originally developed for critical infrastructure but has been recommended for use in organizations. CSF is aimed towards the private sector more than the federal government and does not have any Authorizing Officials (AOs) or an Authority to Operate (ATO) which RMF has ATOs to determine the authorized periods required for approval by and AO. NIST recommends that the CSF be used to strengthen the RMF. I would say that I would use the RMF to first get the framework in place then start implementing the CSF. Both of the frameworks have two entirely different end goals.

Posey, B. (2021) What is risk management and why is it important? Retrieved from 

https://www.techtarget.com/searchcio/definition/Risk-Management-Framework-RMF#:

~:text=The%20Risk%20Management%20Framework%20is,of%20the%20United%20States%20government

.

430 W5 DQ1 RESPONSES CONTINUATION

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

B Cody

Hello everyone,

“The Risk Management Framework is a template and guideline used by companies to identify, eliminate and minimize risks. It was originally developed by the National Institute of Standards and Technology to help protect the information systems of the United States government” (Posey, 2021). The Risk Management Framework is simply used periodically to identify and organize risks to an organization. The National Institute of Standards and Technology also created the Cybersecurity Framework. “The Framework integrates industry standards and best practices to help organizations manage their cybersecurity risks” (Swenson, 2022). These are very similar in that they both were created by NIST to help organizations identify, categorize, and to help mitigate risks but they are different in that The Risk Management Framework deals with more overarching risks regarding organizations and the Cybersecurity Framework deals only specifically with cybersecurity threats. I would recommend for an organization to use all of these frameworks since the Cybersecurity Framework would deal with cybersecurity threats and the RMF would cover strategic, legal, operational, and privacy risks.

C Jacob

Good evening Professor Ligon and class,

Risk Management Framework (RMF) is an established set of components (Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance) and steps (Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor) that help companies to identify, eliminate, and minimize risks. These guidelines were originally created by the National Institute of Standards and Technology (NIST) to help protect information systems within the U.S. “Businesses cannot exist without exposing themselves to risks such as IT problems, litigation, and loss of capital” (Posey, 2021). No risk can be totally gotten rid of, there will always be a need for risks. All we can do is mitigate them. This concept benefits businesses by minimizing the risks that are out there which in end lowers the legal spotlight and increases profits.   

Cyber Security Framework (CSF) and RMF are often mixed around when IT professionals are discussing them. When RMF was originally created by NIST, its target audience was the federal government. This is still true today, although private organizations have seen the benefits of RMF and have started to incorporate the guideline into their IT plans. CSF has been created for more critical infrastructures, such as transportation or public utilities. CSF is also suitable for an “Organization of any size, degree of cybersecurity risk, or cybersecurity sophistication” (Webb, 2017). CSF has not been created to replace RMF, it is another tool that organizations have at their disposal to deal with risks associated with the IT field.

430 W5 DQ1

Briefly describe the purpose and application of the Risk Management Framework. How does this differ from the Cyber Security Framework? Which would you recommend and why?

Reply to responses.

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

A Aaron

Evening,

The Risk Management Framework (RMF) was first intended for federal agencies but soon was adopted by organization that were in the private sector. A business can’t operate with out exposing themselves to so sort of risks like IT problems, Litigation and Loss of Capitol (Posey, 2021). The RMF is made up of five components, that are Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance. The Identification stage is to identify the risks that an organization might have, and this process is not a one-time thing as these risks might change over time. Measurement and assessment are when you create a risk profile for each that was identified in the first step and the measurement can be in the form of how much capital could be lost. Mitigation is by examining the risks and determining which risks should be eliminated and which risks are acceptable. Reporting and monitoring involves reexamining the risks to make sure the mitigation strategies the organization have adopted are serving their purposes. Governance is the process of making sure the adoption of the mitigation strategies is in place and that the employees are following the policies. RMF is more targeted towards the federal government and CSF was originally developed for critical infrastructure but has been recommended for use in organizations. CSF is aimed towards the private sector more than the federal government and does not have any Authorizing Officials (AOs) or an Authority to Operate (ATO) which RMF has ATOs to determine the authorized periods required for approval by and AO. NIST recommends that the CSF be used to strengthen the RMF. I would say that I would use the RMF to first get the framework in place then start implementing the CSF. Both of the frameworks have two entirely different end goals.

Posey, B. (2021) What is risk management and why is it important? Retrieved from 

https://www.techtarget.com/searchcio/definition/Risk-Management-Framework-RMF#:

~:text=The%20Risk%20Management%20Framework%20is,of%20the%20United%20States%20government

.

430 W5 DQ1 RESPONSES CONTINUATION

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

B Cody

Hello everyone,

“The Risk Management Framework is a template and guideline used by companies to identify, eliminate and minimize risks. It was originally developed by the National Institute of Standards and Technology to help protect the information systems of the United States government” (Posey, 2021). The Risk Management Framework is simply used periodically to identify and organize risks to an organization. The National Institute of Standards and Technology also created the Cybersecurity Framework. “The Framework integrates industry standards and best practices to help organizations manage their cybersecurity risks” (Swenson, 2022). These are very similar in that they both were created by NIST to help organizations identify, categorize, and to help mitigate risks but they are different in that The Risk Management Framework deals with more overarching risks regarding organizations and the Cybersecurity Framework deals only specifically with cybersecurity threats. I would recommend for an organization to use all of these frameworks since the Cybersecurity Framework would deal with cybersecurity threats and the RMF would cover strategic, legal, operational, and privacy risks.

C Jacob

Good evening Professor Ligon and class,

Risk Management Framework (RMF) is an established set of components (Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance) and steps (Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor) that help companies to identify, eliminate, and minimize risks. These guidelines were originally created by the National Institute of Standards and Technology (NIST) to help protect information systems within the U.S. “Businesses cannot exist without exposing themselves to risks such as IT problems, litigation, and loss of capital” (Posey, 2021). No risk can be totally gotten rid of, there will always be a need for risks. All we can do is mitigate them. This concept benefits businesses by minimizing the risks that are out there which in end lowers the legal spotlight and increases profits.   

Cyber Security Framework (CSF) and RMF are often mixed around when IT professionals are discussing them. When RMF was originally created by NIST, its target audience was the federal government. This is still true today, although private organizations have seen the benefits of RMF and have started to incorporate the guideline into their IT plans. CSF has been created for more critical infrastructures, such as transportation or public utilities. CSF is also suitable for an “Organization of any size, degree of cybersecurity risk, or cybersecurity sophistication” (Webb, 2017). CSF has not been created to replace RMF, it is another tool that organizations have at their disposal to deal with risks associated with the IT field.

430 W5 DQ1

Briefly describe the purpose and application of the Risk Management Framework. How does this differ from the Cyber Security Framework? Which would you recommend and why?

Reply to responses.

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

A Aaron

Evening,

The Risk Management Framework (RMF) was first intended for federal agencies but soon was adopted by organization that were in the private sector. A business can’t operate with out exposing themselves to so sort of risks like IT problems, Litigation and Loss of Capitol (Posey, 2021). The RMF is made up of five components, that are Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance. The Identification stage is to identify the risks that an organization might have, and this process is not a one-time thing as these risks might change over time. Measurement and assessment are when you create a risk profile for each that was identified in the first step and the measurement can be in the form of how much capital could be lost. Mitigation is by examining the risks and determining which risks should be eliminated and which risks are acceptable. Reporting and monitoring involves reexamining the risks to make sure the mitigation strategies the organization have adopted are serving their purposes. Governance is the process of making sure the adoption of the mitigation strategies is in place and that the employees are following the policies. RMF is more targeted towards the federal government and CSF was originally developed for critical infrastructure but has been recommended for use in organizations. CSF is aimed towards the private sector more than the federal government and does not have any Authorizing Officials (AOs) or an Authority to Operate (ATO) which RMF has ATOs to determine the authorized periods required for approval by and AO. NIST recommends that the CSF be used to strengthen the RMF. I would say that I would use the RMF to first get the framework in place then start implementing the CSF. Both of the frameworks have two entirely different end goals.

Posey, B. (2021) What is risk management and why is it important? Retrieved from 

https://www.techtarget.com/searchcio/definition/Risk-Management-Framework-RMF#:

~:text=The%20Risk%20Management%20Framework%20is,of%20the%20United%20States%20government

.

430 W5 DQ1 RESPONSES CONTINUATION

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

B Cody

Hello everyone,

“The Risk Management Framework is a template and guideline used by companies to identify, eliminate and minimize risks. It was originally developed by the National Institute of Standards and Technology to help protect the information systems of the United States government” (Posey, 2021). The Risk Management Framework is simply used periodically to identify and organize risks to an organization. The National Institute of Standards and Technology also created the Cybersecurity Framework. “The Framework integrates industry standards and best practices to help organizations manage their cybersecurity risks” (Swenson, 2022). These are very similar in that they both were created by NIST to help organizations identify, categorize, and to help mitigate risks but they are different in that The Risk Management Framework deals with more overarching risks regarding organizations and the Cybersecurity Framework deals only specifically with cybersecurity threats. I would recommend for an organization to use all of these frameworks since the Cybersecurity Framework would deal with cybersecurity threats and the RMF would cover strategic, legal, operational, and privacy risks.

C Jacob

Good evening Professor Ligon and class,

Risk Management Framework (RMF) is an established set of components (Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance) and steps (Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor) that help companies to identify, eliminate, and minimize risks. These guidelines were originally created by the National Institute of Standards and Technology (NIST) to help protect information systems within the U.S. “Businesses cannot exist without exposing themselves to risks such as IT problems, litigation, and loss of capital” (Posey, 2021). No risk can be totally gotten rid of, there will always be a need for risks. All we can do is mitigate them. This concept benefits businesses by minimizing the risks that are out there which in end lowers the legal spotlight and increases profits.   

Cyber Security Framework (CSF) and RMF are often mixed around when IT professionals are discussing them. When RMF was originally created by NIST, its target audience was the federal government. This is still true today, although private organizations have seen the benefits of RMF and have started to incorporate the guideline into their IT plans. CSF has been created for more critical infrastructures, such as transportation or public utilities. CSF is also suitable for an “Organization of any size, degree of cybersecurity risk, or cybersecurity sophistication” (Webb, 2017). CSF has not been created to replace RMF, it is another tool that organizations have at their disposal to deal with risks associated with the IT field.

430 W5 DQ1

Briefly describe the purpose and application of the Risk Management Framework. How does this differ from the Cyber Security Framework? Which would you recommend and why?

Reply to responses.

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

A Aaron

Evening,

The Risk Management Framework (RMF) was first intended for federal agencies but soon was adopted by organization that were in the private sector. A business can’t operate with out exposing themselves to so sort of risks like IT problems, Litigation and Loss of Capitol (Posey, 2021). The RMF is made up of five components, that are Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance. The Identification stage is to identify the risks that an organization might have, and this process is not a one-time thing as these risks might change over time. Measurement and assessment are when you create a risk profile for each that was identified in the first step and the measurement can be in the form of how much capital could be lost. Mitigation is by examining the risks and determining which risks should be eliminated and which risks are acceptable. Reporting and monitoring involves reexamining the risks to make sure the mitigation strategies the organization have adopted are serving their purposes. Governance is the process of making sure the adoption of the mitigation strategies is in place and that the employees are following the policies. RMF is more targeted towards the federal government and CSF was originally developed for critical infrastructure but has been recommended for use in organizations. CSF is aimed towards the private sector more than the federal government and does not have any Authorizing Officials (AOs) or an Authority to Operate (ATO) which RMF has ATOs to determine the authorized periods required for approval by and AO. NIST recommends that the CSF be used to strengthen the RMF. I would say that I would use the RMF to first get the framework in place then start implementing the CSF. Both of the frameworks have two entirely different end goals.

Posey, B. (2021) What is risk management and why is it important? Retrieved from 

https://www.techtarget.com/searchcio/definition/Risk-Management-Framework-RMF#:

~:text=The%20Risk%20Management%20Framework%20is,of%20the%20United%20States%20government

.

430 W5 DQ1 RESPONSES CONTINUATION

Please read before replying to responses. 100-150 words.

Response Requirements

Reminder, each response must be a paragraph which is seven sentences. In addition, I am reminding all students not to lose points moving forward, that the responses for participation need to follow the ABC method. Acknowledge what your classmate has said, build on the content (do not just state, I agree with how you said this, or I like how you said that), and close with a question (an open-ended question). You may send me a message in the private forum with any questions. You must have supporting in-text citations and references to support your discussions posts. Blessings with wisdom and academic growth! Cheers, Professor Ligon Blessings and prayers

B Cody

Hello everyone,

“The Risk Management Framework is a template and guideline used by companies to identify, eliminate and minimize risks. It was originally developed by the National Institute of Standards and Technology to help protect the information systems of the United States government” (Posey, 2021). The Risk Management Framework is simply used periodically to identify and organize risks to an organization. The National Institute of Standards and Technology also created the Cybersecurity Framework. “The Framework integrates industry standards and best practices to help organizations manage their cybersecurity risks” (Swenson, 2022). These are very similar in that they both were created by NIST to help organizations identify, categorize, and to help mitigate risks but they are different in that The Risk Management Framework deals with more overarching risks regarding organizations and the Cybersecurity Framework deals only specifically with cybersecurity threats. I would recommend for an organization to use all of these frameworks since the Cybersecurity Framework would deal with cybersecurity threats and the RMF would cover strategic, legal, operational, and privacy risks.

C Jacob

Good evening Professor Ligon and class,

Risk Management Framework (RMF) is an established set of components (Identification, Measurement and Assessment, Mitigation, Reporting and Monitoring, and Governance) and steps (Prepare, Categorize, Select, Implement, Assess, Authorize, and Monitor) that help companies to identify, eliminate, and minimize risks. These guidelines were originally created by the National Institute of Standards and Technology (NIST) to help protect information systems within the U.S. “Businesses cannot exist without exposing themselves to risks such as IT problems, litigation, and loss of capital” (Posey, 2021). No risk can be totally gotten rid of, there will always be a need for risks. All we can do is mitigate them. This concept benefits businesses by minimizing the risks that are out there which in end lowers the legal spotlight and increases profits.   

Cyber Security Framework (CSF) and RMF are often mixed around when IT professionals are discussing them. When RMF was originally created by NIST, its target audience was the federal government. This is still true today, although private organizations have seen the benefits of RMF and have started to incorporate the guideline into their IT plans. CSF has been created for more critical infrastructures, such as transportation or public utilities. CSF is also suitable for an “Organization of any size, degree of cybersecurity risk, or cybersecurity sophistication” (Webb, 2017). CSF has not been created to replace RMF, it is another tool that organizations have at their disposal to deal with risks associated with the IT field.

Place your order
(550 words)

Approximate price: $22

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
$26
The price is based on these factors:
Academic level
Number of pages
Urgency
Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Delivering a high-quality product at a reasonable price is not enough anymore.
That’s why we have developed 5 beneficial guarantees that will make your experience with our service enjoyable, easy, and safe.

Money-back guarantee

You have to be 100% sure of the quality of your product to give a money-back guarantee. This describes us perfectly. Make sure that this guarantee is totally transparent.

Read more

Zero-plagiarism guarantee

Each paper is composed from scratch, according to your instructions. It is then checked by our plagiarism-detection software. There is no gap where plagiarism could squeeze in.

Read more

Free-revision policy

Thanks to our free revisions, there is no way for you to be unsatisfied. We will work on your paper until you are completely happy with the result.

Read more

Privacy policy

Your email is safe, as we store it according to international data protection rules. Your bank details are secure, as we use only reliable payment systems.

Read more

Fair-cooperation guarantee

By sending us your money, you buy the service we provide. Check out our terms and conditions if you prefer business talks to be laid out in official language.

Read more
Live Chat+1 763 309 4299EmailWhatsApp

We Can Handle your Online Class from as low as$100 per week