Based on your knowledge of the NIST RMF three-tiered approach to Enterprise Risk Management, address the following: Describe the potential impact of the NIST RMF three-tiered approach to ERM on an organization’s compliance with federal cybersecurity laws and regulations. How are third party systems assessed via the RMF? Include in your analysis, an assessment of the advantages and disadvantages of this approach. Support your analysis with appropriate references to NIST documents (and other relevant sources, as needed).
#Approach #Enterprise #Risk #Management