RMF Publications
See also:
Recent Posts / View All Posts
By Amanda Lowell, Security+CE, RDRP Folks frequently reach out to BAI to ask, “Which security controls are required for X kind of DoD system?” It’s a valid question that can also be indicative of a common misconception. The short answer is, you will have certain control overlays for your information…
By Kathryn Daily, CISSP, CGRC, RDRP I know it’s a catchy headline, but it’s the wrong question to ask. NIST RMF and CSF are two totally different animals with a different purpose. NIST RMF is primarily focused on managing overall organizational risk, providing a structured approach…
By: Philip D. Schall, Ph.D., CISSP As many of you recall from an article written by Kathryn Daily in our January 2023 edition of RMF Today and Tomorrow titled CAP Becomes CGRC What Does this Mean? beginning February 15, 2023, ISC2 renamed the Certified Authorization Professional (CAP) certification to CGRC…