Accelerating Information Security Risk Management & Compliance
The Risk Management Framework (RMF) Accelerator is a web-based system designed to streamline information security Assessment and Authorization (A&A) process with intuitive, selfguided navigation that simplifies the following RMF steps, in compliance with NIST SP 800-53 Rev 4:
- Categorize Information System
- Select Security Controls
- Implement Security Controls
The RMF Accelerator assists the Information System and Facility Owners with:
- Understanding the applicable security controls, description and supplemental guidance;
- Gathering information about the implementation of applicable security controls and the operating environment;
- Reducing time to generate System Security Plan (SSP) to support the security assessment in eMASS, CFACTS, and other similar systems; and
- Supporting assessment of the adequacy of the required protective measures, residual risk, and determining the readiness of the system for accreditation.
RMF Accelerator reduces the time to produce a NIST-RMF compliant SSP, which facilitates improved turnaround time for Authority to Operate (ATO) approval.
RMF Accelerator enables selection of control families, security controls and sub-controls, based on Confidentiality, Integrity and Availability (CIA) impact level as Low, Moderate or High.
Flexible, customizable interface for system and facility owners to easily document implementation details of security controls and operating environment Highly configurable to meet the agency policies and standards as well as RMF requirements
Quick, easy and intuitive navigation avoids costly training Audit trail to readily track events and activities of A&A Ability to define control types (Specific, Common or Hybrid, maintain implementation details and protect system information