Resources, Tools, and Publications

This section is the collection of key NIST publications, resources related to control systems, and tools that can used in the Test and Development and Production Environments for Continuous Monitoring and Auditing.

Product List by Product and Date Posted
Product Date Posted

RMF Self-Assessment Tool (R-SAT)

Software and Guidance

A prescriptive, step-by-step method to facilitate and accelerate Risk Management Framework (RMF) Self-Assessments through automation. The RMF Self-Assessment Tool (R-SAT) is an Excel based tool that was designed to streamline the process for obtaining an Authority to Operate for network-enabled Facility-Related Control Systems (FRCS) by providing focused, step-by-step guidance and outputs supporting RMF Steps 1-3. RSAT works in conjunction with the Enterprise Mission Assurance Support Service (eMASS) government-owned application. 

Sep 2020

National Security Agency Central Security Services Cybersecurity Advisories & Technical Guidance

NSA Leverages its elite technical capability to develop advisories and mitigations on evolving cybersecurity threats. Browse or search the repository of advisories, info sheets, tech reports, and operational risk notices listed below. Some resources have access requirements. For a subset of cybersecurity products focused on telework and general network security for end users, view the Telework and Mobile Security Guidance page  here.

Sep 2020

An Army Guide to Navigating the Cyber Security Process for Facility Related Control Systems

Personnel who maintain Facility Related Control Systems (FRCS) of any type are required to implement cybersecurity to attain and maintain an Authority to Operate (ATO) on their respective systems. This document is a guide for installation personnel owning and operating control systems to assist in addressing the cybersecurity process for FRCS in the Army through the Risk Management Framework (RMF) approach, which en-compasses six steps. This manual walks the reader through the administrative aspects of each step.

Jun 2020
Aug 2019
Jul 2018
Jul 2018
Jul 2018
Feb 2019
Jul 2017
Jan 2019
Aug 2019
Aug 2018
Aug 2018
Aug 2019
Oct 2018
Jan 2019
Jan 2019
Jan 2019

EI&E RMF FRCS Master List (Current)

OFFICE OF THE ASSISTANT SECRETARY OF DEFENSE Distribution of the Facility-Related Control Systems Master List Memorandum 07-2021

This memorandum and attachment provide a baseline to codify the categories that make up FRCS for the DoD. The FRCS Master List at Attachment A provides the type, description, function, and mission description of each FRCS category. The distribution of this list allows DoD Components to address cybersecurity and management of FRCS utilizing a standardized definition. Additionally, the standardization of these categories will enable the DoD Components to more accurately program and budget for FRCS activities. The office recognizes that one list cannot be comprehensive for all DoD Components by virtue of the wide range of missions occurring within the DoD. In the absence of a DoD Component-specific FRCS Master List, DoD Components are able and encouraged to use this list as a guidepost in developing their own DoD Component specific FRCS Master List.

Jul 2019
Aug 2019
Share