• radio_button_unchecked* **Assessment template based on NIST Risk Management Framework (RMF)**
  • radio_button_unchecked* Assume system has been assigned to us in the Assignment phase
  • radio_button_uncheckedAssignment
  • radio_button_uncheckedCreate Security Assessment Plan (SAP)
  • radio_button_uncheckedCreate Security Assessment Checklist
  • radio_button_uncheckedNotification
  • radio_button_uncheckedCreate and send SAP and cover letter to Risk Management Team Lead, ISSO, and ISO
  • radio_button_uncheckedSchedule Kickoff date
  • radio_button_uncheckedConduct Kickoff meeting
  • radio_button_uncheckedDocument any questions
  • radio_button_uncheckedPreparation
  • radio_button_uncheckedGather previous and current artifacts from Network Drive and Assessment Database
  • radio_button_uncheckedReview artifacts and familiarize with system
  • radio_button_uncheckedAssessment
  • radio_button_uncheckedReview selected controls
  • radio_button_uncheckedReview implementation statements
  • radio_button_uncheckedReview agreements
  • radio_button_uncheckedConduct assessment interview(s)
  • radio_button_uncheckedPerform assessment or review
  • radio_button_uncheckedBuild After Action Report (AAR)
  • radio_button_uncheckedCreate Security Assessment Report (SAR)
  • radio_button_uncheckedResults
  • radio_button_uncheckedSend final AAR and SAR to ISSO
  • radio_button_uncheckedReview - Give ISSO five business days to review and/or respond to AAR and SAR
  • radio_button_uncheckedCompletion
  • radio_button_uncheckedSubmit findings to POAM team
  • radio_button_uncheckedSend official notice of completion to Team Leads, ISSO, and ISO
  • radio_button_uncheckedWork Assessment Database team to ensure dates and documents are updated
  • radio_button_uncheckedUpload all documents to Network drive for archive
Import This Project


No comments to display.