DIACAP to Risk Management Framework (RMF) … · Click to edit Master title style Cybersecurity...
Transcript of DIACAP to Risk Management Framework (RMF) … · Click to edit Master title style Cybersecurity...
Click to edit Master title style
Cybersecurity Policy Directorate
DIACAP to Risk Management Framework (RMF) Transformation
October 2012
Click to edit Master title style DIACAP to RMF Transformation Background
2
Click to edit Master title style Transformation benefits the entire enterprise
3
Click to edit Master title style Cybersecurity Policy Development Partnerships
4
DoD participates in CNSS and NIST policy development as a vested stakeholder with the goals of a more synchronized cybersecurity landscape and to protect the
unique requirements of DoD Missions and warfighters
DoD participates in development of CNSS and
NIST documents
ensuring DoD equities are
met
DoD leverages CNSS and NIST
policies and filters
requirements to meet DoD
needs
Click to edit Master title style DoD is transforming IA policies and practices to align with Federal government risk management policies and practices
5
Click to edit Master title style DoD is transforming IA policies and practices to improve IT categorization and control selection, and risk management procedures
6
Click to edit Master title style Joint Task Force Transformation Goals
7
Click to edit Master title style DoD supports implementation of Joint Transformation Goals
8
Click to edit Master title style Successful execution of RMF Transformation is enabled through three inter-related DoD CIO initiatives
9
Click to edit Master title style Policy Interdependencies
10
Click to edit Master title style Why are there more NIST SP 800-53 controls than the legacy DoD controls?
11
Click to edit Master title style Categorization and Security Control Selection Process (Steps 1 and 2 of the Risk Management Framework)
12
Click to edit Master title style The Knowledge Service is an authoritative source for DoD Transformation policy and guidance
13
Click to edit Master title style C&A Transformation Timeline
14
4th Quarter FY12
3rd Quarter FY12
2nd Quarter FY12
1st Quarter FY12
1st Quarter FY13
2nd Quarter FY13
Click to edit Master title style The Enterprise Mission Assurance Support Service (eMASS) is supporting DoD’s RMF Transformation
15
Click to edit Master title style Contact Information
16
To become part of the DoD RMF community of interest, visit the online Knowledge Service:
https://diacap.iaportal.navy.mil *
* Access requires a DoD PKI certificate or an ECA PKI certificate