Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AlexDersch
Newcomer I
‎03-20-2024 04:30 PM
‎03-20-2024 04:30 PM

Tools for NIST RMF

Hi, we are looking for a tool to support us in the paperwork of the RMF processes. Something similar to ServiceNow Integrated Risk Management. 

Any ideas or suggestions?

 

thanks in advanced

Alex

Reply
7 Replies
Caute_cautim
Community Champion
‎03-20-2024 08:40 PM
‎03-20-2024 08:40 PM

@AlexDersch   Build your own approach for better understanding within the corporation:

 

Example:  https://www.ibm.com/policy/ibms-approach-to-implementing-the-nist-ai-rmf/

 

Regards

 

Caute_Cautim

Reply
AlexDersch
Newcomer I
‎03-21-2024 03:01 AM
‎03-21-2024 03:01 AM

Thanks for your feedback Caute_Cautim,

it not about the processes, my request is more related to tracking poam's, risks, in excel is quite a pain. 

Greetings from Switzerland

Alex

Reply
0 Kudos
Early_Adopter
Community Champion
‎03-21-2024 03:52 AM
‎03-21-2024 03:52 AM

If pedigree is important and money no issues then Archer would probably work for you.

Panaseer is a small startup that will do things for you.

OneTrust got very big, very quick on a privacy push from GDPR, then shrunk a bit.

Or you can roll your own with the help of some open source efforts.

That would be more challenging but fun. Even more effort gets you your own data store and some BI visualisations.

Just plugged Vendors so I might as well add this:

https://www.gartner.com/reviews/market/it-risk-management-solutions

https://www.gartner.com/reviews/market/it-risk-management-solutions

Hard to say what’s a fit with limited info I’m afraid.
Reply
AlexDersch
Newcomer I
‎03-21-2024 05:32 AM
‎03-21-2024 05:32 AM

Thanks, Early Adopter, I am not a fan of open source solutions. I will have a look at the Gartner reports.
Best regards
Alex
Reply
Steve-Wilme
Advocate II
‎03-21-2024 07:43 AM
‎03-21-2024 07:43 AM

It's perfectly possible to implement risk management in ServiceNow without purchasing the dedicate risk module if your support team has the skill set.  

 

-----------------------------------------------------------
Steve Wilme CISSP-ISSAP, ISSMP MCIIS
Reply
shervinG
Viewer
‎05-21-2024 03:51 PM
‎05-21-2024 03:51 PM

Hi Alex, I know your post is somewhat dated, but I was wondering if you found the tool you were looking for as a ServiceNow IRM alternative?

Reply
0 Kudos
volochainmlm4
Viewer II
‎09-21-2024 03:54 AM
‎09-21-2024 03:54 AM

Tools for the NIST Risk Management Framework (RMF) are essential for organizations aiming to effectively manage cybersecurity risks and comply with federal standards. These tools range from automated assessment platforms that streamline the categorization and selection of security controls, to risk assessment and monitoring solutions that facilitate continuous compliance. Additionally, documentation tools help maintain comprehensive records of security activities, while training resources ensure that personnel are well-versed in the RMF processes table top styles. By leveraging these tools, organizations can enhance their risk management practices, improve decision-making, and strengthen their overall cybersecurity posture.

Reply