Top Ten—Things You Should Know about eMASS

Top Ten—Things You Should Know about eMASS By Lon J. Berman, CISSP The Enterprise Mission Assurance Support Service, or eMASS, is a web-based Government off-the-shelf (GOTS) solution that automates a broad range of services for comprehensive, fully-integrated cybersecurity management, including controls scorecard measurement, dashboard reporting, and the generation of Risk…

Continue Reading

Post Categories: Risk Management Framework Tags:  EMASS TRAINING

Security Control Spotlight— “Naming” of Controls, Enhancements and CCIs

Security Control Spotlight— “Naming” of Controls, Enhancements and CCIs By Kathryn M. Daily, CISSP After assisting numerous customers with their RMF efforts, we have seen several instances of confusion arise concerning the “naming” or “numbering” of Security Controls, Control Enhancements, and Control Correlation Identifiers (CCIs). We hope this short tutorial will…

Continue Reading

Post Categories: Risk Management Framework Tags:  CCIS CONTROLS ENHANCEMENTS RMF

RMF and the Cloud

RMF and the Cloud P. Devon Schall Probably the most talked-about concept in information technology today is cloud computing, often simply called “The Cloud.” According to the National Institute of Standards and Technology (NIST), cloud computing is “a model for enabling ubiquitous, on-demand network access to a shared pool of…

Continue Reading

Post Categories: Risk Management Framework Tags: