Risk Management Framework (RMF) for DoD Information Technology (IT)
GPTKB entity
Statements (51)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
gptkb:risk_management_framework
gptkb:United_States_Department_of_Defense_policy |
| gptkbp:abbreviation |
RMF for DoD IT
|
| gptkbp:appliesTo |
cloud computing services
all DoD information systems enclave IT outsourced IT platform IT Department of Defense information technology systems |
| gptkbp:basedOn |
gptkb:NIST_Special_Publication_800-37
|
| gptkbp:documentedIn |
gptkb:DoD_Instruction_8510.01
|
| gptkbp:focusesOn |
continuous monitoring
risk-based decision making |
| gptkbp:goal |
improve cybersecurity posture
align with federal standards reduce risk to DoD operations support mission assurance |
| gptkbp:governs |
authorization to operate (ATO) process
|
| gptkbp:mandate |
gptkb:DoD_Instruction_8510.01
|
| gptkbp:purpose |
ensure information system security
manage cybersecurity risk |
| gptkbp:relatedTo |
gptkb:Federal_Risk_and_Authorization_Management_Program_(FedRAMP)
gptkb:NIST_Risk_Management_Framework |
| gptkbp:replacedBy |
gptkb:DoD_Information_Assurance_Certification_and_Accreditation_Process_(DIACAP)
|
| gptkbp:requires |
gptkb:security_plan
risk assessment authorization package security control assessment continuous authorization security categorization plan of action and milestones (POA&M) system security plan (SSP) |
| gptkbp:securityControlSource |
gptkb:NIST_SP_800-53
|
| gptkbp:stakeholder |
Authorizing Official (AO)
Common Control Provider (CCP) Information System Owner (ISO) Information System Security Manager (ISSM) Information System Security Officer (ISSO) Security Control Assessor (SCA) |
| gptkbp:startDate |
March 12, 2014
|
| gptkbp:step |
assess security controls
authorize information system categorize information system implement security controls monitor security controls select security controls |
| gptkbp:usedBy |
gptkb:Department_of_Defense
DoD contractors |
| gptkbp:bfsParent |
gptkb:DoD_Instruction_8510.01
|
| gptkbp:bfsLayer |
8
|
| https://www.w3.org/2000/01/rdf-schema#label |
Risk Management Framework (RMF) for DoD Information Technology (IT)
|