Complete step1. You are appointed to lead the security team assigned to the SureMarket account. You must conduct a SOX assessment of compliance on SureMarket using the NIST Risk Management Framework (RMF) as described in NIST Special Publication 800-37 Revision 2, Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy (NIST SP 800- 37) as follows: Step 1: Categorize Information Systems ​