AU
AU-1: Policy and Procedures
RMF Control AU-1: Policy and Procedures requires organizations to establish and maintain a comprehensive set of policies and procedures to address the security and privacy of information systems and the information processed, stored, and transmitted by those systems. Supplemental Guidance The Risk Management Framework (RMF) is a cybersecurity framework that provides a process for managing …