Chapter 4

Federal RMF Requirements

Abstract

This chapter discusses the general guidance and testing techniques that testers, evaluators, auditors, and validators use to ensure that the systems they are reviewing meet the federal criteria for accreditation and security. The four methods for evaluation and testing of governmental systems, outside the Risk Management Framework, are explained.

Keywords

RMF
DIACAP
ICD 503
FedRAMP
Cybersecurity Framework
Over the past 10–15 years there have been multiple efforts to provide testers, evaluators, auditors, and validators with the guidance and techniques to ensure that the systems they review meet the federal criteria for accreditation and security. As described in Chapters 1 and 2, these activities have culminated ...
