U.S. Department of Health and Human Services
The RMF process includes categorizing the information system, selecting security controls, implementing security controls, assessing security controls, authorizing the information system, and continuous monitoring.
IT Administrators are most likely to be involved in continuous monitoring after a system has been received an authorization to operate.
Page 1 of 8
System Security Authorization
The Purpose of Risk Management Framework (RMF)