Select baseline control definitions
Within the NIST RMF application, the Select section focuses on the review of the initial set of baseline control definitions. You can also tailor the control definitions, by tagging them based on organizational requirements.
Note:
Starting with version 10.1.0, the NIST RMF Use Case Accelerator will be supported only for customers who currently use the product. New and existing customers should consider using the GRC: Continuous Authorization Monitoring application. For
details, Continuous Authorization and Monitoring.
After performing Impact Analysis, the user selects and tailors the baseline controls for that target. A dashboard provides an overview of the baseline policy statements in the catalog, alongside the catalog of baseline controls being implemented.
Next, the user tailors the baseline controls. Another dashboard contains several reports
detailing the baseline policy statements alongside baseline controls which are tagged as
Assurance, Common,
Compensating and Supplemental.
Note:
Both
Review Baseline Controls and Tailor Baseline
Controls require that you implement all necessary controls following the standard
Policy and Compliance Management
application procedures. Return to these dashboards for the selecting and tailoring of those
controls.