After several years of preparation, the U.S. Department of Defense (DoD) reissued critical cyber security instruction (DoDI 8510.01) in March 2014. To better align with the federal civilian government, the revised instruction set takes the Department of Defense Information Assurance Certification and Accreditation Process (DIACAP) and replaces it with the Risk Management Framework for DoD Information Technology (RMF for DoD IT).
As a result, the DoD is in the midst of a significant transition process to functionally implement and support the new framework. In addition to the need for the technical transition of all systems, the department needs automated tools, guidance, and training documentation, and development of core components to make the framework fully operational.
Ultimately, it will take some time before the move from DIACAP to the RMF for DoD IT is complete for all DoD agencies, as these various systems are in different states of accreditation with the legacy framework. The work will, in some cases, be arduous. And this is as true for internal agencies as it is for contracting organizations that have been accredited under DIACAP.
Agencies and organizations working through the transition to the RMF for DoD IT may feel particularly overwhelmed because, with the relative newness of the framework, it could seem there are limited options for education, consulting, and support.
Lunarline has been quick to adapt to the changes, and offers services that can assist organizations in clearly defining, organizing, and implementing their transition processes.
Our elite RMF consultants are already supporting a number of DoD customers to achieve a smooth transition. Additionally, the Lunarline School of Cyber Security is one of the only providers of educational programs in DoD RMF. Lunarline’s best-in-class products — such as the Vulnerability Scan Converter and Sniper — can also help your IT operations achieve the efficiencies you need to meet RMF standards.