X hits on this document

Powerpoint document

HHS Cybersecurity Program Training Information Security for Information Technology (IT) Administrato... - page 125 / 158

339 views

0 shares

0 downloads

0 comments

125 / 158

U.S. Department of Health and Human Services

NIST recommends:

RMF should be completed throughout the EPLC

All individuals involved with the management and security of the system should be involved with the RMF process – defined roles and responsibilities are important

RMF is not just a paper drill

RMF should be a manageable effort when it is repeated using a consistent process

The Authorizing Official must understand what it means to “accept the residual risk” for the system

Page 8 of 8

System Security Authorization

RMF Best Practices and Pitfalls

Document info
Document views339
Page views339
Page last viewedSat Dec 03 01:02:08 UTC 2016
Pages158
Paragraphs2058
Words16945

Comments