Automating the RMF Process
Salons 3 & 4
Risk Management Framework (RMF) practices are being employed across the Federal government to improve visibility, implement better controls, and support faster responses to cyber threats across IT applications, software, and infrastructure. Developed by the National Institute of Standards and Technology (NIST), the RMF requires agencies to continually understand, assess, monitor, and document their cyber risks over the lifecycle of their IT assets. The six-step process aims to makes the IT authorization process a continuous, holistic, risk management-focused approach. Attend this session to understand the challenges government agencies are facing as they work to manage the RMF program, learn about approaches to simplify and automate the process, and build towards a risk-based cybersecurity culture.