CSF Publications

Recent Posts

Which Security Controls Are Required? A Definitive Answer

By Amanda Lowell, Security+CE, RDRP

Folks frequently reach out to BAI to ask, “Which security controls are required for X kind of DoD system?” It’s a valid question that can also be indicative of a common misconception. The short answer is, you will have certain control overlays for your information…

RMF vs CSF: Which is better?

By Kathryn Daily, CISSP, CGRC, RDRP

I know it’s a catchy headline, but it’s the wrong question to ask. NIST RMF and CSF are two totally different animals with different purposes. NIST RMF is primarily focused on managing overall organizational risk, providing a structured approach…

CGRC – Governance, Risk and Compliance Certification vs. Certified Authorization Professional (CAP) Update

By: Philip D. Schall, Ph.D., CISSP

As many of you recall from an article written by Kathryn Daily in our January 2023 edition of RMF Today and Tomorrow titled “CAP Becomes CGRC What Does this Mean?”, beginning February 15, 2023, ISC2 renamed the Certified Authorization Professional (CAP) certification to CGRC…