Roles & Responsibilities
2014 Update: DIACAP has been replaced by RMF for DoD IT. The RMF for DoD IT is almost completely derived from the NIST SP 800-37. NIST roles and responsibilities are addressed throughout the special...
ISC2 CAP Domain Changes
Got this message today on CAP domain changes. Not much changed: On September 1, 2013, (ISC)²® will implement certain domain-related changes for the Certified Authorization Professional (CAP®)...
Approved System
Information Assurance is based on obtaining a high level of confidence in information’s confidentiality, integrity, and availability. Some organizations that deal with “critical information”....
diacap to diarmf: FISMA 2013
The Federal Information Security Amendments Act, H.R. 1163, amends the Federal Information Security Management Act of 2002 (FISMA). Main Points of FISMA 2002: Cost-effectively reduce information...
diacap to diarmf: C&A vs RMF
DIACAP is transitioning from a Certification and Accreditation to a Risk Management Framework. Most of the new Risk Management Framework is in the NIST Special Publication 800-37. The old NIST SP 800-37...
Who Created/Manages NIST 800?
Who Creates and/or Manages the NIST 800? This NIST 800 is a well thought out set of federal security standards that DoD and the Intel world are moving to. It aligns with International Organization for...
diacap to diarmf: intro
DoD Chief Information Officer (formerly Assistant Security Defense), in collaboration with the Department of the Navy CIO, has developed a DoDI 8500.2 to...
DIACAP to DIARMF: Assessment Authorization
With the move from certification and accreditation (C&A) to risk management framework come a few new terms. “C&A” will be replaced with assessment...
diacap to diarmf: manage information security risk
Risk Management Framework is implemented throughout an organization. NIST 800-39, Manage Information Security Risk, describes how to implement risk within the three layers (or tiers) of an...
RMF for DoD IT no DIARMF
Ms Teri Takai, DoD CIO, just signed the new Risk Management Framework document into existence. DoDI 8510.01, Risk Management Framework for DoD IT is what will be replacing the DIACAP. This document...