Implement security controls
Within the NIST RMF application, the Implement section focuses on the physical implementation of the baseline security controls. The NIST RMF application may also include other standard security controls, already used by the targets or its environment of operation.
Note:
Starting with version 10.1.0, the NIST RMF Use Case Accelerator will be supported only for customers who currently use the product. New and existing customers should consider using the GRC: Continuous Authorization Monitoring application. For
details, Continuous Authorization and Monitoring.
Users can view a list of all controls that originate from a NIST 800-53.r4 policy statement,
update any implementation details, and update the controls.
Note:
The NIST RMF application
provides read-only access to the security controls. Update these controls following the
standard Policy and Compliance Management
application procedures.
An important aspect of implementing controls is testing them appropriately. Users can view a
list of all control tests that were created for security controls with a policy statement source
of NIST 800-53 r4.
Note:
The NIST RMF application provides read-only access to the security
control tests. Update these tests following the standard Audit Management application
procedures.