Update and implement the Enterprise Risk Management program, including applicable policies and procedures, to align with the new requirements outlined in the NIST SP 800-53, Rev. 5, Security and Privacy Controls for Information Systems and Organizations, dated September 23, 2020.