Chapter 6

Roles and Responsibilities

Abstract

The evaluation and testing roles and responsibilities are defined here in detail for each test, evaluation, and authorization role in the RMF, to include the extra defined roles found in the DOD implementation of RMF.

Keywords

roles and responsibilities

system owner

authorizing official

security officer

security control assessor

The Risk Management Framework acknowledges that organizations have widely varying missions and organizational structures, so there may be differences in naming conventions for risk management-related roles and how specific responsibilities are allocated among organizational personnel (e.g., multiple individuals filling a single role or one individual filling multiple roles). ...

Get Security Controls Evaluation, Testing, and Assessment Handbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Security Controls Evaluation, Testing, and Assessment Handbook by Leighton Johnson

Roles and Responsibilities

Abstract

Keywords

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly