RMF provides system-level cyber controls. Leading COTS vendors provide board-level hardware and software that can help address the controls defined by RMF, while software from partners can address additional controls. For more information on RMF, please consult the following resources:
Risk Management Framework for Information Systems and Organizations: A System Life Cycle Approach for Security and Privacy Overview of RMF and guidance on how to apply to systems. Guide for Mapping Types of Information and Information Systems to Security Categories Guide on how to categorize security levels/risks for system. Security and Privacy Controls for Federal Information Systems and Organizations A comprehensive list of controls used in RMF. Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment how much does a computer engineer make Provides guidance on how to verify each control has been implemented appropriately.
Standards for Security Categorization of Federal Information and Information Systems Defines the impact categories for confidentiality, integrity, and availability
No comments:
Post a Comment