SlideShare a Scribd company logo

L5 RMF Phase 4 Implement.pptx

Download as PPTX, PDF
S
StevenTharp2

RMF

Government & Nonprofit
1 of 5
Phase 4: Implement
IMPLEMENT TASKS
CONTROL IMPLEMENTATION • Task I-1: Implement the controls in the security and privacy plans. • Potential Inputs: Approved security and privacy plans; system design documents; organizational security and privacy policies and procedures; business impact or criticality analyses; enterprise architecture information; security architecture information; privacy architecture information; list of security and privacy requirements allocated to the system, system elements; and environment of operation; system element information; system component inventory; organization- and system-level risk assessment results. • Expected Outputs: Implemented controls. • Discussion • Risk Assessment – Guide Decisions • Cost • Trade-offs
UPDATE CONTROL IMPLEMENTATION INFORMATION • Task I-2: Document changes to planned control implementations based on the “as-implemented” state of controls. • Potential Inputs: Security and privacy plans; information from control implementation efforts. • Expected Outputs: Security and privacy plans updated with implementation detail sufficient for use by assessors; system configuration baseline. • Discussion • Control Details – SSP (living) • Baseline
Control Implementation • Other links • http://www.commoncriteriaportal.org/ • http://benchmarks.cisecurity.org • http://iase.disa.mil/stigs/ • http://www.sans.org/security-resources/

Recommended

L6 RMF Phase 5 Assess.pptx
L6 RMF Phase 5 Assess.pptxL6 RMF Phase 5 Assess.pptx
L6 RMF Phase 5 Assess.pptxStevenTharp2
 
ISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to Know
ISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to KnowISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to Know
ISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to KnowPECB
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewShankar Subramaniyan
 
Information Systems Audit & CISA Prep 2010
Information Systems Audit & CISA Prep 2010Information Systems Audit & CISA Prep 2010
Information Systems Audit & CISA Prep 2010Donald E. Hester
 
Privacy in the Cloud- Introduction to ISO 27018
Privacy in the Cloud- Introduction to ISO 27018Privacy in the Cloud- Introduction to ISO 27018
Privacy in the Cloud- Introduction to ISO 27018Schellman & Company
 
Compliance
ComplianceCompliance
CompliancePriyank Hada
 
Amped for FedRAMP
Amped for FedRAMPAmped for FedRAMP
Amped for FedRAMPRay Potter
 
Security Baselines and Risk Assessments
Security Baselines and Risk AssessmentsSecurity Baselines and Risk Assessments
Security Baselines and Risk AssessmentsPriyank Hada
 

Recommended

L6 RMF Phase 5 Assess.pptx
L6 RMF Phase 5 Assess.pptxL6 RMF Phase 5 Assess.pptx
L6 RMF Phase 5 Assess.pptxStevenTharp2
 
ISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to Know
ISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to KnowISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to Know
ISO/IEC 27701 vs. ISO/IEC 27001 vs. NIST: Essential Things You Need to KnowPECB
 
ISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewISO27001: Implementation & Certification Process Overview
ISO27001: Implementation & Certification Process OverviewShankar Subramaniyan
 
Information Systems Audit & CISA Prep 2010
Information Systems Audit & CISA Prep 2010Information Systems Audit & CISA Prep 2010
Information Systems Audit & CISA Prep 2010Donald E. Hester
 
Privacy in the Cloud- Introduction to ISO 27018
Privacy in the Cloud- Introduction to ISO 27018Privacy in the Cloud- Introduction to ISO 27018
Privacy in the Cloud- Introduction to ISO 27018Schellman & Company
 
Compliance
ComplianceCompliance
CompliancePriyank Hada
 
Amped for FedRAMP
Amped for FedRAMPAmped for FedRAMP
Amped for FedRAMPRay Potter
 
Security Baselines and Risk Assessments
Security Baselines and Risk AssessmentsSecurity Baselines and Risk Assessments
Security Baselines and Risk AssessmentsPriyank Hada
 
Software Engineering Introduction
Software Engineering IntroductionSoftware Engineering Introduction
Software Engineering IntroductionrajeswaricseAvinuty
 
CNIT 160 Ch 4a: Information Security Programs
CNIT 160 Ch 4a: Information Security ProgramsCNIT 160 Ch 4a: Information Security Programs
CNIT 160 Ch 4a: Information Security ProgramsSam Bowne
 
ISO 29119 and Software Testing - now what??
ISO 29119 and Software Testing - now what??ISO 29119 and Software Testing - now what??
ISO 29119 and Software Testing - now what??Fáber D. Giraldo
 
System Security Plans 101
System Security Plans 101System Security Plans 101
System Security Plans 101Donald E. Hester
 
CNIT 160 Ch 4a: Information Security Programs
CNIT 160 Ch 4a: Information Security ProgramsCNIT 160 Ch 4a: Information Security Programs
CNIT 160 Ch 4a: Information Security ProgramsSam Bowne
 
Lesson 2
Lesson 2Lesson 2
Lesson 2MLG College of Learning, Inc
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationMcKonly & Asbury, LLP
 
L8 RMF Phase 7 Monitor.pptx
L8 RMF Phase 7 Monitor.pptxL8 RMF Phase 7 Monitor.pptx
L8 RMF Phase 7 Monitor.pptxStevenTharp2
 
Strategies for Conducting GxP Vendor Assessment of Cloud Service Providers - ...
Strategies for Conducting GxP Vendor Assessment of Cloud Service Providers - ...Strategies for Conducting GxP Vendor Assessment of Cloud Service Providers - ...
Strategies for Conducting GxP Vendor Assessment of Cloud Service Providers - ...Montrium
 
CNIT 160: Ch 2b: Security Strategy Development
CNIT 160: Ch 2b: Security Strategy DevelopmentCNIT 160: Ch 2b: Security Strategy Development
CNIT 160: Ch 2b: Security Strategy DevelopmentSam Bowne
 
20201014 iso27001 iso27701 nist v2 (extended version)
20201014 iso27001 iso27701 nist v2 (extended version)20201014 iso27001 iso27701 nist v2 (extended version)
20201014 iso27001 iso27701 nist v2 (extended version)Peter GEELEN ✔
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityKumawat Dharmpal
 
01Introduction to Information Security.ppt
01Introduction to Information Security.ppt01Introduction to Information Security.ppt
01Introduction to Information Security.pptit160320737038
 
SLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA Information Security
 
Understanding the Risk Management Framework & (ISC)2 CAP Module 4: Life Cycle
Understanding the Risk Management Framework & (ISC)2 CAP Module 4: Life CycleUnderstanding the Risk Management Framework & (ISC)2 CAP Module 4: Life Cycle
Understanding the Risk Management Framework & (ISC)2 CAP Module 4: Life CycleDonald E. Hester
 
L2 RMF Phase 1 Prepare.pptx
L2 RMF Phase 1 Prepare.pptxL2 RMF Phase 1 Prepare.pptx
L2 RMF Phase 1 Prepare.pptxStevenTharp2
 
Information systems audit n control introduction.ppt
Information systems audit n control introduction.pptInformation systems audit n control introduction.ppt
Information systems audit n control introduction.pptr209777z
 
CISSP Prep: Ch 1: Security Governance Through Principles and Policies
CISSP Prep: Ch 1: Security Governance Through Principles and PoliciesCISSP Prep: Ch 1: Security Governance Through Principles and Policies
CISSP Prep: Ch 1: Security Governance Through Principles and PoliciesSam Bowne
 
CH18-CompSec4e.pptx
CH18-CompSec4e.pptxCH18-CompSec4e.pptx
CH18-CompSec4e.pptxMuhammadYasirKhan36
 
IntroToActiveAuditHandbookEN.pptx
IntroToActiveAuditHandbookEN.pptxIntroToActiveAuditHandbookEN.pptx
IntroToActiveAuditHandbookEN.pptxssuserbdcb221
 
L11 Transition And Key Roles and SAT ROB IRP.pptx
L11 Transition And Key Roles and SAT ROB IRP.pptxL11 Transition And Key Roles and SAT ROB IRP.pptx
L11 Transition And Key Roles and SAT ROB IRP.pptxStevenTharp2
 
L3 RMF Phase 2 Categorize.pptx
L3 RMF Phase 2 Categorize.pptxL3 RMF Phase 2 Categorize.pptx
L3 RMF Phase 2 Categorize.pptxStevenTharp2
 

More Related Content

Similar to L5 RMF Phase 4 Implement.pptx

Software Engineering Introduction
Software Engineering IntroductionSoftware Engineering Introduction
Software Engineering IntroductionrajeswaricseAvinuty
 
CNIT 160 Ch 4a: Information Security Programs
CNIT 160 Ch 4a: Information Security ProgramsCNIT 160 Ch 4a: Information Security Programs
CNIT 160 Ch 4a: Information Security ProgramsSam Bowne
 
ISO 29119 and Software Testing - now what??
ISO 29119 and Software Testing - now what??ISO 29119 and Software Testing - now what??
ISO 29119 and Software Testing - now what??Fáber D. Giraldo
 
CNIT 160 Ch 4a: Information Security Programs
CNIT 160 Ch 4a: Information Security ProgramsCNIT 160 Ch 4a: Information Security Programs
CNIT 160 Ch 4a: Information Security ProgramsSam Bowne
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationMcKonly & Asbury, LLP
 
L8 RMF Phase 7 Monitor.pptx
L8 RMF Phase 7 Monitor.pptxL8 RMF Phase 7 Monitor.pptx
L8 RMF Phase 7 Monitor.pptxStevenTharp2
 
Strategies for Conducting GxP Vendor Assessment of Cloud Service Providers - ...
Strategies for Conducting GxP Vendor Assessment of Cloud Service Providers - ...Strategies for Conducting GxP Vendor Assessment of Cloud Service Providers - ...
Strategies for Conducting GxP Vendor Assessment of Cloud Service Providers - ...Montrium
 
CNIT 160: Ch 2b: Security Strategy Development
CNIT 160: Ch 2b: Security Strategy DevelopmentCNIT 160: Ch 2b: Security Strategy Development
CNIT 160: Ch 2b: Security Strategy DevelopmentSam Bowne
 
20201014 iso27001 iso27701 nist v2 (extended version)
20201014 iso27001 iso27701 nist v2 (extended version)20201014 iso27001 iso27701 nist v2 (extended version)
20201014 iso27001 iso27701 nist v2 (extended version)Peter GEELEN ✔
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityKumawat Dharmpal
 
01Introduction to Information Security.ppt
01Introduction to Information Security.ppt01Introduction to Information Security.ppt
01Introduction to Information Security.pptit160320737038
 
SLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA Information Security
 
Understanding the Risk Management Framework & (ISC)2 CAP Module 4: Life Cycle
Understanding the Risk Management Framework & (ISC)2 CAP Module 4: Life CycleUnderstanding the Risk Management Framework & (ISC)2 CAP Module 4: Life Cycle
Understanding the Risk Management Framework & (ISC)2 CAP Module 4: Life CycleDonald E. Hester
 
L2 RMF Phase 1 Prepare.pptx
L2 RMF Phase 1 Prepare.pptxL2 RMF Phase 1 Prepare.pptx
L2 RMF Phase 1 Prepare.pptxStevenTharp2
 
Information systems audit n control introduction.ppt
Information systems audit n control introduction.pptInformation systems audit n control introduction.ppt
Information systems audit n control introduction.pptr209777z
 
CISSP Prep: Ch 1: Security Governance Through Principles and Policies
CISSP Prep: Ch 1: Security Governance Through Principles and PoliciesCISSP Prep: Ch 1: Security Governance Through Principles and Policies
CISSP Prep: Ch 1: Security Governance Through Principles and PoliciesSam Bowne
 
IntroToActiveAuditHandbookEN.pptx
IntroToActiveAuditHandbookEN.pptxIntroToActiveAuditHandbookEN.pptx
IntroToActiveAuditHandbookEN.pptxssuserbdcb221
 

Similar to L5 RMF Phase 4 Implement.pptx (20)

Software Engineering Introduction
Software Engineering IntroductionSoftware Engineering Introduction
Software Engineering Introduction
 
CNIT 160 Ch 4a: Information Security Programs
CNIT 160 Ch 4a: Information Security ProgramsCNIT 160 Ch 4a: Information Security Programs
CNIT 160 Ch 4a: Information Security Programs
 
ISO 29119 and Software Testing - now what??
ISO 29119 and Software Testing - now what??ISO 29119 and Software Testing - now what??
ISO 29119 and Software Testing - now what??
 
System Security Plans 101
System Security Plans 101System Security Plans 101
System Security Plans 101
 
CNIT 160 Ch 4a: Information Security Programs
CNIT 160 Ch 4a: Information Security ProgramsCNIT 160 Ch 4a: Information Security Programs
CNIT 160 Ch 4a: Information Security Programs
 
Lesson 2
Lesson 2Lesson 2
Lesson 2
 
Cybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your OrganizationCybersecurity Risk Management Program and Your Organization
Cybersecurity Risk Management Program and Your Organization
 
L8 RMF Phase 7 Monitor.pptx
L8 RMF Phase 7 Monitor.pptxL8 RMF Phase 7 Monitor.pptx
L8 RMF Phase 7 Monitor.pptx
 
Strategies for Conducting GxP Vendor Assessment of Cloud Service Providers - ...
Strategies for Conducting GxP Vendor Assessment of Cloud Service Providers - ...Strategies for Conducting GxP Vendor Assessment of Cloud Service Providers - ...
Strategies for Conducting GxP Vendor Assessment of Cloud Service Providers - ...
 
CNIT 160: Ch 2b: Security Strategy Development
CNIT 160: Ch 2b: Security Strategy DevelopmentCNIT 160: Ch 2b: Security Strategy Development
CNIT 160: Ch 2b: Security Strategy Development
 
20201014 iso27001 iso27701 nist v2 (extended version)
20201014 iso27001 iso27701 nist v2 (extended version)20201014 iso27001 iso27701 nist v2 (extended version)
20201014 iso27001 iso27701 nist v2 (extended version)
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
 
01Introduction to Information Security.ppt
01Introduction to Information Security.ppt01Introduction to Information Security.ppt
01Introduction to Information Security.ppt
 
SLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshopSLVA - Security monitoring and reporting itweb workshop
SLVA - Security monitoring and reporting itweb workshop
 
Understanding the Risk Management Framework & (ISC)2 CAP Module 4: Life Cycle
Understanding the Risk Management Framework & (ISC)2 CAP Module 4: Life CycleUnderstanding the Risk Management Framework & (ISC)2 CAP Module 4: Life Cycle
Understanding the Risk Management Framework & (ISC)2 CAP Module 4: Life Cycle
 
L2 RMF Phase 1 Prepare.pptx
L2 RMF Phase 1 Prepare.pptxL2 RMF Phase 1 Prepare.pptx
L2 RMF Phase 1 Prepare.pptx
 
Information systems audit n control introduction.ppt
Information systems audit n control introduction.pptInformation systems audit n control introduction.ppt
Information systems audit n control introduction.ppt
 
CISSP Prep: Ch 1: Security Governance Through Principles and Policies
CISSP Prep: Ch 1: Security Governance Through Principles and PoliciesCISSP Prep: Ch 1: Security Governance Through Principles and Policies
CISSP Prep: Ch 1: Security Governance Through Principles and Policies
 
CH18-CompSec4e.pptx
CH18-CompSec4e.pptxCH18-CompSec4e.pptx
CH18-CompSec4e.pptx
 
IntroToActiveAuditHandbookEN.pptx
IntroToActiveAuditHandbookEN.pptxIntroToActiveAuditHandbookEN.pptx
IntroToActiveAuditHandbookEN.pptx
 

More from StevenTharp2

L11 Transition And Key Roles and SAT ROB IRP.pptx
L11 Transition And Key Roles and SAT ROB IRP.pptxL11 Transition And Key Roles and SAT ROB IRP.pptx
L11 Transition And Key Roles and SAT ROB IRP.pptxStevenTharp2
 
L3 RMF Phase 2 Categorize.pptx
L3 RMF Phase 2 Categorize.pptxL3 RMF Phase 2 Categorize.pptx
L3 RMF Phase 2 Categorize.pptxStevenTharp2
 
L4 RMF Phase 3 Select.pptx
L4 RMF Phase 3 Select.pptxL4 RMF Phase 3 Select.pptx
L4 RMF Phase 3 Select.pptxStevenTharp2
 
L13 SDLC and Risk Management.pptx
L13 SDLC and Risk Management.pptxL13 SDLC and Risk Management.pptx
L13 SDLC and Risk Management.pptxStevenTharp2
 
L1_Introduction.pptx
L1_Introduction.pptxL1_Introduction.pptx
L1_Introduction.pptxStevenTharp2
 
L7 RMF Phase 6 Authorize.pptx
L7 RMF Phase 6 Authorize.pptxL7 RMF Phase 6 Authorize.pptx
L7 RMF Phase 6 Authorize.pptxStevenTharp2
 
L12 CP CMP PIA BIA.pptx
L12 CP CMP PIA BIA.pptxL12 CP CMP PIA BIA.pptx
L12 CP CMP PIA BIA.pptxStevenTharp2
 

More from StevenTharp2 (7)

L11 Transition And Key Roles and SAT ROB IRP.pptx
L11 Transition And Key Roles and SAT ROB IRP.pptxL11 Transition And Key Roles and SAT ROB IRP.pptx
L11 Transition And Key Roles and SAT ROB IRP.pptx
 
L3 RMF Phase 2 Categorize.pptx
L3 RMF Phase 2 Categorize.pptxL3 RMF Phase 2 Categorize.pptx
L3 RMF Phase 2 Categorize.pptx
 
L4 RMF Phase 3 Select.pptx
L4 RMF Phase 3 Select.pptxL4 RMF Phase 3 Select.pptx
L4 RMF Phase 3 Select.pptx
 
L13 SDLC and Risk Management.pptx
L13 SDLC and Risk Management.pptxL13 SDLC and Risk Management.pptx
L13 SDLC and Risk Management.pptx
 
L1_Introduction.pptx
L1_Introduction.pptxL1_Introduction.pptx
L1_Introduction.pptx
 
L7 RMF Phase 6 Authorize.pptx
L7 RMF Phase 6 Authorize.pptxL7 RMF Phase 6 Authorize.pptx
L7 RMF Phase 6 Authorize.pptx
 
L12 CP CMP PIA BIA.pptx
L12 CP CMP PIA BIA.pptxL12 CP CMP PIA BIA.pptx
L12 CP CMP PIA BIA.pptx
 

Recently uploaded

Item # 7-8 - 6900 Broadway P&Z Case # 438
Item # 7-8 - 6900 Broadway P&Z Case # 438Item # 7-8 - 6900 Broadway P&Z Case # 438
Item # 7-8 - 6900 Broadway P&Z Case # 438ahcitycouncil
 
2024 UN Civil Society Conference in Support of the Summit of the Future.
2024 UN Civil Society Conference in Support of the Summit of the Future.2024 UN Civil Society Conference in Support of the Summit of the Future.
2024 UN Civil Society Conference in Support of the Summit of the Future.Christina Parmionova
 
Plant health, safe trade and digital technology.
Plant health, safe trade and digital technology.Plant health, safe trade and digital technology.
Plant health, safe trade and digital technology.Christina Parmionova
 
Tennessee DOT- TEVI Plan coordination & EV
Tennessee DOT- TEVI Plan coordination & EVTennessee DOT- TEVI Plan coordination & EV
Tennessee DOT- TEVI Plan coordination & EVRPO America
 
"Plant health, safe trade and digital technology." International Day of Plant...
"Plant health, safe trade and digital technology." International Day of Plant..."Plant health, safe trade and digital technology." International Day of Plant...
"Plant health, safe trade and digital technology." International Day of Plant...Christina Parmionova
 
Electric Vehicle infrastructure planning in Rural Planning Organizations
Electric Vehicle infrastructure planning in Rural Planning OrganizationsElectric Vehicle infrastructure planning in Rural Planning Organizations
Electric Vehicle infrastructure planning in Rural Planning OrganizationsRPO America
 
Cara Gugurkan Pembuahan Secara Alami Dan Cepat ABORSI KANDUNGAN 087776558899
Cara Gugurkan Pembuahan Secara Alami Dan Cepat ABORSI KANDUNGAN 087776558899Cara Gugurkan Pembuahan Secara Alami Dan Cepat ABORSI KANDUNGAN 087776558899
Cara Gugurkan Pembuahan Secara Alami Dan Cepat ABORSI KANDUNGAN 087776558899Cara Menggugurkan Kandungan 087776558899
 
NGO working for orphan children’s education
NGO working for orphan children’s educationNGO working for orphan children’s education
NGO working for orphan children’s educationSERUDS INDIA
 
ℂall Girls Ahmedabad Book Esha 6378878445 Top Class ℂall Girl Serviℂe Available
ℂall Girls Ahmedabad Book Esha 6378878445 Top Class ℂall Girl Serviℂe Availableℂall Girls Ahmedabad Book Esha 6378878445 Top Class ℂall Girl Serviℂe Available
ℂall Girls Ahmedabad Book Esha 6378878445 Top Class ℂall Girl Serviℂe AvailablePayal Garg #K09
 
PPT Item # 9 2ndQTR Financial & Inv. Report
PPT Item # 9 2ndQTR Financial & Inv. ReportPPT Item # 9 2ndQTR Financial & Inv. Report
PPT Item # 9 2ndQTR Financial & Inv. Reportahcitycouncil
 
School Health and Wellness Programme -.pptx
School Health and Wellness Programme -.pptxSchool Health and Wellness Programme -.pptx
School Health and Wellness Programme -.pptxjumpyrelated
 
2024: The FAR, Federal Acquisition Regulations, Part 32
2024: The FAR, Federal Acquisition Regulations, Part 322024: The FAR, Federal Acquisition Regulations, Part 32
2024: The FAR, Federal Acquisition Regulations, Part 32JSchaus & Associates
 
Time, Stress & Work Life Balance for Clerks with Beckie Whitehouse
Time, Stress & Work Life Balance for Clerks with Beckie WhitehouseTime, Stress & Work Life Balance for Clerks with Beckie Whitehouse
Time, Stress & Work Life Balance for Clerks with Beckie Whitehousesubs7
 
The impact and warm of wildlife crime - 2024 World Wildlife Crime Report.
The impact and warm of wildlife crime - 2024 World Wildlife Crime Report.The impact and warm of wildlife crime - 2024 World Wildlife Crime Report.
The impact and warm of wildlife crime - 2024 World Wildlife Crime Report.Christina Parmionova
 
Managing large-scale outbreaks at Farrow-to-Weaner Farms
Managing large-scale outbreaks at Farrow-to-Weaner FarmsManaging large-scale outbreaks at Farrow-to-Weaner Farms
Managing large-scale outbreaks at Farrow-to-Weaner FarmsHarm Kiezebrink
 

Recently uploaded (20)

AHMR volume 10 number 1 January-April 2024
AHMR volume 10 number 1 January-April 2024AHMR volume 10 number 1 January-April 2024
AHMR volume 10 number 1 January-April 2024
 
Item # 7-8 - 6900 Broadway P&Z Case # 438
Item # 7-8 - 6900 Broadway P&Z Case # 438Item # 7-8 - 6900 Broadway P&Z Case # 438
Item # 7-8 - 6900 Broadway P&Z Case # 438
 
2024 UN Civil Society Conference in Support of the Summit of the Future.
2024 UN Civil Society Conference in Support of the Summit of the Future.2024 UN Civil Society Conference in Support of the Summit of the Future.
2024 UN Civil Society Conference in Support of the Summit of the Future.
 
Plant health, safe trade and digital technology.
Plant health, safe trade and digital technology.Plant health, safe trade and digital technology.
Plant health, safe trade and digital technology.
 
Tennessee DOT- TEVI Plan coordination & EV
Tennessee DOT- TEVI Plan coordination & EVTennessee DOT- TEVI Plan coordination & EV
Tennessee DOT- TEVI Plan coordination & EV
 
"Plant health, safe trade and digital technology." International Day of Plant...
"Plant health, safe trade and digital technology." International Day of Plant..."Plant health, safe trade and digital technology." International Day of Plant...
"Plant health, safe trade and digital technology." International Day of Plant...
 
Electric Vehicle infrastructure planning in Rural Planning Organizations
Electric Vehicle infrastructure planning in Rural Planning OrganizationsElectric Vehicle infrastructure planning in Rural Planning Organizations
Electric Vehicle infrastructure planning in Rural Planning Organizations
 
POKKUVARAVU OF RR property-directions for mutation
POKKUVARAVU OF RR property-directions for mutationPOKKUVARAVU OF RR property-directions for mutation
POKKUVARAVU OF RR property-directions for mutation
 
Cara Gugurkan Pembuahan Secara Alami Dan Cepat ABORSI KANDUNGAN 087776558899
Cara Gugurkan Pembuahan Secara Alami Dan Cepat ABORSI KANDUNGAN 087776558899Cara Gugurkan Pembuahan Secara Alami Dan Cepat ABORSI KANDUNGAN 087776558899
Cara Gugurkan Pembuahan Secara Alami Dan Cepat ABORSI KANDUNGAN 087776558899
 
tOld settlement register shouldnotaffect BTR
tOld settlement register shouldnotaffect BTRtOld settlement register shouldnotaffect BTR
tOld settlement register shouldnotaffect BTR
 
Mifepristion Pills IN Kuwait (+918133066128) Where I Can Buy Abortion pills K...
Mifepristion Pills IN Kuwait (+918133066128) Where I Can Buy Abortion pills K...Mifepristion Pills IN Kuwait (+918133066128) Where I Can Buy Abortion pills K...
Mifepristion Pills IN Kuwait (+918133066128) Where I Can Buy Abortion pills K...
 
NGO working for orphan children’s education
NGO working for orphan children’s educationNGO working for orphan children’s education
NGO working for orphan children’s education
 
ℂall Girls Ahmedabad Book Esha 6378878445 Top Class ℂall Girl Serviℂe Available
ℂall Girls Ahmedabad Book Esha 6378878445 Top Class ℂall Girl Serviℂe Availableℂall Girls Ahmedabad Book Esha 6378878445 Top Class ℂall Girl Serviℂe Available
ℂall Girls Ahmedabad Book Esha 6378878445 Top Class ℂall Girl Serviℂe Available
 
Sustainability by Design: Assessment Tool for Just Energy Transition Plans
Sustainability by Design: Assessment Tool for Just Energy Transition PlansSustainability by Design: Assessment Tool for Just Energy Transition Plans
Sustainability by Design: Assessment Tool for Just Energy Transition Plans
 
PPT Item # 9 2ndQTR Financial & Inv. Report
PPT Item # 9 2ndQTR Financial & Inv. ReportPPT Item # 9 2ndQTR Financial & Inv. Report
PPT Item # 9 2ndQTR Financial & Inv. Report
 
School Health and Wellness Programme -.pptx
School Health and Wellness Programme -.pptxSchool Health and Wellness Programme -.pptx
School Health and Wellness Programme -.pptx
 
2024: The FAR, Federal Acquisition Regulations, Part 32
2024: The FAR, Federal Acquisition Regulations, Part 322024: The FAR, Federal Acquisition Regulations, Part 32
2024: The FAR, Federal Acquisition Regulations, Part 32
 
Time, Stress & Work Life Balance for Clerks with Beckie Whitehouse
Time, Stress & Work Life Balance for Clerks with Beckie WhitehouseTime, Stress & Work Life Balance for Clerks with Beckie Whitehouse
Time, Stress & Work Life Balance for Clerks with Beckie Whitehouse
 
The impact and warm of wildlife crime - 2024 World Wildlife Crime Report.
The impact and warm of wildlife crime - 2024 World Wildlife Crime Report.The impact and warm of wildlife crime - 2024 World Wildlife Crime Report.
The impact and warm of wildlife crime - 2024 World Wildlife Crime Report.
 
Managing large-scale outbreaks at Farrow-to-Weaner Farms
Managing large-scale outbreaks at Farrow-to-Weaner FarmsManaging large-scale outbreaks at Farrow-to-Weaner Farms
Managing large-scale outbreaks at Farrow-to-Weaner Farms
 

L5 RMF Phase 4 Implement.pptx

  • 3. CONTROL IMPLEMENTATION • Task I-1: Implement the controls in the security and privacy plans. • Potential Inputs: Approved security and privacy plans; system design documents; organizational security and privacy policies and procedures; business impact or criticality analyses; enterprise architecture information; security architecture information; privacy architecture information; list of security and privacy requirements allocated to the system, system elements; and environment of operation; system element information; system component inventory; organization- and system-level risk assessment results. • Expected Outputs: Implemented controls. • Discussion • Risk Assessment – Guide Decisions • Cost • Trade-offs
  • 4. UPDATE CONTROL IMPLEMENTATION INFORMATION • Task I-2: Document changes to planned control implementations based on the “as-implemented” state of controls. • Potential Inputs: Security and privacy plans; information from control implementation efforts. • Expected Outputs: Security and privacy plans updated with implementation detail sufficient for use by assessors; system configuration baseline. • Discussion • Control Details – SSP (living) • Baseline
  • 5. Control Implementation • Other links • http://www.commoncriteriaportal.org/ • http://benchmarks.cisecurity.org • http://iase.disa.mil/stigs/ • http://www.sans.org/security-resources/