Overheard: Word of the Day

A Whatis.com blog

» VIEW ALL POSTS Apr 11 2010   1:11PM GMT

Overheard talking about government and a new risk management framework



Posted by: Margaret Rouse
Tags:
government IT
risk management
RMF The most obvious impacts will be seen in how this [document] brings the national security community closer to legislative compliance requirements, assists our inspector general audits, and aligns with the rest of the federal government to support reciprocity…the document provides an approach to manage risks for both traditional and complex systems, a procedure that was not formalized previously.

Roger L. Caslow,as quoted in New Document Provides Framework for Interagency Data Sharing

Roger L. Caslow is chief of the Risk and Information Assurance Program Division, Office of the Associate Director of National Intelligence and Chief Information Officer. He’s talking about NIST Special Publication 800-37, Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach (NIST SP 800-37) and apparently he doesn’t like to have his picture taken.

Henry Kenyon describes the special publication as a six-step risk management framework (RMF); a common information security framework for the federal government and the contractors who support it. The official diagram is below:

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: