Transcription of Risk Management Framework (RMF) - SDISAC
{{id}} {{{paragraph}}}
1 Risk Management Framework (RMF) November 2016 Defense Security Service - 2 - What is Risk Management Framework (RMF) It is a unified information security Framework for the entire federal government that replaces legacy Certification and Accreditation (C&A) Processes applied to information systems RMF is a key component of an organization s information security program used in the overall Management of organizational risk - 3 - RMF Policy References - 4 - RMF Process Stakeholders: New Terminology Old Term in the C&A Process New Term in the RMF Process Designated Approving Authority (DAA) Authorizing Official (AO) Regional Designated Approving Authority (RDAA) Regional Authorizing Official (RAO) Office of the Designated Approving Authority (ODAA) NISP Authorization Office Information System Security Professional (ISSP) Security Control Assessor (SCA) Customer, Government Contracting Activity (GCA) Information Owner (IO) Contractor/ Information System Owner (ISO) Information System Security Manager (ISSM)
- 2 - What is Risk Management Framework (RMF) • It is a unified information security framework for the entire federal government that replaces legacy
Domain:
Source:
Link to this page:
Please notify us if you found a problem with this document:
{{id}} {{{paragraph}}}