Check out the course: www.nist80037rmf.com/rmf-isso-foundations
@axelthedawg95776 жыл бұрын
This is a fantastic summary of RMF and security categorization. Plainly spoken without losing meaningful concepts. Well done Bruce!
@RickKotlarz7 жыл бұрын
@Gwen - When categorizing the Information System (IS) the focus is on identifying what levels Confidentiality, Integrity and Availability (CIA) are at. An IS can be any combination Low, Moderate or High and is often written with only list the first initial. For example a system with CIA levels of Moderate, Moderate, Moderate would be written as MMM. Another system with Low, Moderate, Low would be written LML. This same method applies to all DoD and Federal Information Systems under RMF. However each DoD and Federal organization can have their own set of "overlays" that apply additional measures for determining the CIA level. For example, there are overlays for PHI, PII, security classification, space and others. Ref. NIST 800-53 Rev 4.
@jbox35327 жыл бұрын
Good stuff. You explained in 10mins what I have been trying to wrap my head around for the last year
@sunshinegyrl4116 жыл бұрын
Thank you for making this so easy to comprehend👏
@MrAnderson6105 жыл бұрын
Thank you for posting! It is really appreciated!!! Does your course prepare me to sit for the CAP certification? How well does your course prepare me for success in a field of CAP? Thanks in advance!
@MrNATSFAN115 жыл бұрын
Nice Presentation of this material!!
@njikims16 жыл бұрын
Great lecture. Thank you and keep up the good work.
@gwen74798 жыл бұрын
Bruce, thank you for the video. In your case of multiple information types, would it really matter going through the process of figuring out each one if one of your info types was let's say, "high" for integrity? If the concept of High Water Mark is used, wouldn't the system come out as High regardless of how the other ones turned out? Also, are you going to put out a video for how to categorize national security systems? Since the DoD is transitioning to RMF, there’s a lot of confusion out there. Thank you!
@EditaLaurelHRTechnologist7 жыл бұрын
Thanks for the video. Very helpful. Do you have more videos of RMF?
@charlyekerum27142 жыл бұрын
Great
@sheikhsa3 жыл бұрын
Missing the privacy component which become a necessary part of every assessment nowadays.
@akinwande71227 жыл бұрын
Very lucid explanation. Nice.
@mtfr10007 жыл бұрын
You're a great teacher. I'll pay for some skype call to ask some questions. I'm interviewing and need more knowledge