Training

Create a training plan based on RMF role, position within the organization and level of risk the role is managing. Provide a construct to continuously update and access training based on the risk posture of the organization.

Control Standards

Identify baselines, tailored and inheritable controls to support the organization. Ensure they are derived from the agencies’ risk tolerance or departmentwide risk management strategy for security and privacy.

Documentation

Work products and tasks to set policy, standards, methodologies, and other frameworks to inform and enforce RMF. Create templates, appointment letters, guides, and policies to support implementation.

Automation

Identify specific and high impact automation opportunities related to RMF process that can be implemented by an organization using RMF for risk management and IT compliance. Identify innovations to provide insight on how you can make risk-based decisions through automated tools and processes.

Governance

Assess and recommend governance structure to include Risk Executive Functions. Provide guidance on the development of an efficient system that contains a clear set  of rules, practices, and standards.

Strategic Communications

Inform the overall RMF use community and those with specific working roles of their responsibilities. Create executive briefs, communication plans, slick sheets, and other supporting communication materials.

Our experts maintain a pulse on the cybersecurity industry.

Read our latest cyber news insights.