Welcome to BAI - Your RMF, DIACAP and FISMA Resource Center

Risk Management Framework (RMF) is the unified information security framework for the entire federal government that is replacing the legacy Certification and Accreditation (C&A) processes within federal government departments and agencies, the Department of Defense (DOD) and the Intelligence Community (IC).

RMF is an integral part of the implementation of FISMA, the Federal Information Security Management Act, and is based on publications of the National Institute of Standards and Technology (NIST) and the Committee on National Security Systems (CNSS).

BAI is dedicated to providing RMF training and consulting services to government organizations and their supporting contractors, vendors, and service providers.

Select one of the buttons below to learn about RMF training and consulting for your community of interest:

Department of Defense (DoD)

Federal "Civil" Departments/Agencies

Intelligence Community (IC)


Signup to receive our Newsletter  or view archived newsletters

BAI Information Security Announces Curriculum Enhancement of “Risk Management Framework (RMF) for DoD IT” Training Program

Fairlawn, VA – March 6, 2015 – BAI Information Security today announced a substantial enhancement to the Risk Management Framework (RMF) for DoD IT training program curriculum. The revised training program, dubbed “Version 3.0,” significantly ramps up the emphasis on building skills that DoD employees and contractors will need as their programs make the transition from DIACAP to RMF.