Top Ten—Sources of RMF Policy and Guidance

By Annette Leonard of BAI, Inc. RMF-related policies and guidance come from a plethora of sources within the seemingly-convoluted federal landscape. We believe a good understanding of these sources will be helpful as you move forward in your RMF implementation. Here, then is our “Top Ten” list of RMF policy and guidance providers. 10. US…

Significant Update to NIST SP 800-53A

By Kathryn M. Farrish, CISSP of BAI, Inc. At long last, NIST has finally released a draft copy of the updated version of SP 800-53A, entitled Assessing Security and Privacy Controls in Federal Information Systems and Organizations. This is an important document in the RMF “document library” because it contains the “how to” for assessing…

RMF Transition—What is the Real Timeline?

By Lon Berman of BAI, Inc. Now that RMF is official DoD policy, every DoD system owner needs to begin planning their “transition” from DIACAP. In order to plan and execute the transition, system owners need the answers to three basic questions: What does the transition process entail? When do I need to begin the…

Spotlight: Transitioning to the Risk Management Framework (RMF)

With the publication of revised DoD Instruction 8510.01, adoption of the Risk Management Framework (RMF) by DoD has begun.  DoD programs are busy planning and implementing strategies for transitioning from DIACAP to “RMF for DoD IT”. What Efforts are Taking Place in Support of the RMF Transition? Tier 1: DoD Enterprise RMF Knowledge Service –…

RMF Training: Better Price. Better Delivery. Best Results.

The DoD has announced that RMF for DoD IT will supercede the current DIACAP requirements. Revised DoD IA policies and procedures will not be published until later this year and there’s sure to be a “phase in” period. Why should your organization be concerned about preparing for the upcoming RMF transition now? Get Familiarized with…

Offensive Wifi Gear Has Started to Arrive!

We are getting excited about our upcoming Offensive Wifi and Mitigation Techniques class.  Gear has started to arrive!  Check out these Mark V Pineapples that showed up today!  This class will be using these and other tools to demonstrate wifi attacks and how to prevent against them.  If you would like more information, please give…

RMF Transition Timeline Infographic

IT Dojo offers a comprehensive course on the transition from DIACAP to RMF.  Please take a look at our RMF training courses here. Here is a link to a great book on RMF that we highly recommend. A ton of other information can be found on the NIST web site.

Cloud Security and FedRAMP. Are you Ready for it?

A deadline for federal agencies to adhere to the government’s baseline cloud security standards and changes to the standards themselves are coming up very soon. The deadline for agencies to have their existing cloud computing solutions assessed against the Federal Risk and Authorization Management Program, or FedRAMP is June 5, 2014 Read more about this…