Kathryn Daily

Kathryn Daily In Risk Management Framework

Powerful but not well understood: Reciprocity, Type Authorization, and Assess Only

By Lon J. Berman, CISSP, RDRP All of us who have spent time working with RMF have come to understand just what a time-consuming and resource-intensive process it can be. As bad as that may be, it is made even worse when the same application or system ends up going…

Kathryn Daily In Risk Management Framework

The Results Are In!

A Quantitative Study on the Receipt of Formalized RMF Training and Perceptions of RMF Effectiveness, Sustainability, and Commitment in RMF Practitioners. By P. Devon Schall, Ph.D., CISSP, RDRP Over the past year, I have conducted research on the relationship between the receipt of formalized RMF training and perceptions…

Kathryn Daily In Risk Management Framework

NIST 800-37 Rev 2: It’s Official!

By Kathryn Daily, CISSP, CAP, RDRP NIST has officially released NIST 800-37 Rev 2 and dubbed it as “RMF 2.0.” The framework has been updated to include both cybersecurity and privacy to be key for an authorization decision. “RMF 2.0 gives federal agencies a very powerful tool to manage both…

Kathryn Daily In BAI Announcements, Risk Management Framework, RMF Training

BAI Announces Security Control Assessment (SCA) Workshop

By Alice Steger, Director of Sales & Marketing Training Overview Security Controls Assessment Workshop provides a current and well-developed approach to evaluation and testing of security controls to prove they are functioning correctly in today's IT systems. This course shows you how to evaluate, examine, and test installed security controls…

Kathryn Daily In Risk Management Framework

RMF 30-Day Sprint

By P. Devon Schall, M.S., MA.Ed. CISSP, RDRP Over the past few months, I have heard rumblings of something called "RMF 30- Day Sprint". It came up initially during an RMF for DoD IT training I taught in Virginia Beach, and it was pitched as a new program to grant…

Kathryn Daily In NIST Privacy Framework

The Newest NIST Framework: The NIST Privacy Framework

By Kathryn Daily, CISSP, CAP, RDRP NIST has announced the development of a Privacy Framework. The framework is needed to ensure the ability to design, operate, or use technologies in ways that are observant of various privacy needs in a progressively connected and complicated environment. It is expected to help…

Kathryn Daily In Risk Management Framework

Is RMF Broken? Can it be fixed or is it beyond Repair?

By Lon J. Berman CISSP, RDRP Thanks to the work of the Joint Task Force, RMF is now the official information security life cycle process across all three "segments" of the Executive Branch, i.e., DoD, federal civil agencies, and the intelligence community. It's now been 4 ½ years since DoD…

Kathryn Daily In Risk Management Framework

Top Ten—Preparing for RMF Questions

By P. Devon Schall, CISSP, RDRP With the addition of Step 0 to the RMF life cycle (a preparation step that BAI has been preaching for years which is now being implemented in SP 800-37 Rev. 2), we decided to make this month’s top ten list based on preparation. Preparation…

Kathryn Daily In NIST 171

NIST 171—What’s That?

By Kathryn Daily, CISSP, RDRP If you heard a whooshing sound on New Year's Eve, that was probably the deadline for compliance with NIST 171 flying by. A lot of you might be asking “What is NIST 171?” NIST 171 is a set of requirements documented in the NIST Special…

Kathryn Daily In BAI Announcements

BAI Introduces CISSP Training

By Lon J. Berman, CISSP, RDRP BAI has recently expanded its training program to include training for the Certified Information Systems Security Professional (CISSP) credential. Beginning in February 2018, we are offering an intensive five-day course designed to prepare students for the CISSP certification exam. CISSP is an internationally recognized…

Powerful but not well understood: Reciprocity, Type Authorization, and Assess Only

The Results Are In!

NIST 800-37 Rev 2: It’s Official!

BAI Announces Security Control Assessment (SCA) Workshop

RMF 30-Day Sprint

The Newest NIST Framework: The NIST Privacy Framework

Is RMF Broken? Can it be fixed or is it beyond Repair?

Top Ten—Preparing for RMF Questions

NIST 171—What’s That?

BAI Introduces CISSP Training

Site Search

Recent Posts