Skip to main content
All Posts By

Kathryn Daily

FedRAMP Turns 10!

By Kathryn Daily, CISSP, CAP, RDRP On December 8, 2021, the FedRAMP program turned 10 years old! Created in 2011, the goal for FedRAMP was to produce a cost-effective, repeatable solution for securing cloud services and cloud service providers. I think we can safely say, mission accomplished. The CGI IAAS…

Read More

Dear Dr. RMF

Tony from OSD asks: Dr. RMF, I currently assess a boundary that includes all of our desktops, laptops, network printers, and some local printers. There are a number of devices (i.e. desktop/laptops) that don’t store Personally Identifiable Information (PII) per se, but will disseminate PII to our records management boundary…

Read More

Happy Birthday, RMF!

By Lon J. Berman, CISSP, RDRP This month we will be celebrating our oldest grandson’s tenth birthday. It suddenly made me realize that with everything that’s been going on in 2020, it appears we missed another significant birthday this year – February marked the tenth birthday of the Risk Management…

Read More

BAI’s Hands-on eMASS Simulator

by P. Devon Schall, PhD, CISSP, RDRP BAI recognizes that eMASS is a stumbling block for many new RMF practitioners. To mitigate these challenges, our instructional designers felt the creation of an eMASS sandbox environment where our students could practice working in eMASS without being scared to submit incorrect data…

Read More

RMF Supplement for DCSA Cleared Contractors

By Lon J. Berman, CISSP, RDRP In a previous edition (January, 2020) of RMF Today … and Tomorrow, we presented an overview of the adoption of RMF and eMASS by the Defense Counterintelligence and Security Agency (DCSA) for use by cleared contractor companies operating within the National Industrial Security Program…

Read More

Dear Dr. RMF

Dear Dr. RMF, I have a boundary for a web application.  My SISO wants to move another web application into this approved boundary.  The move is because both have similar operating characteristics, security and privacy requirements, and reside in the same environment of operation.  As the SCA for the receiving…

Read More