Monica Montgomery
Chief, Risk Management, Cybersecurity Office
National Geospatial-Intelligence Agency
The National Geospatial-Intelligence Agency (NGA) has developed efficiencies in its compliance with the Risk Management Framework (RMF) that it hopes to leverage in the context of FedRAMP. NGA has brought flexibility to its application of RMF processes it deemed too rigid for an agile development environment. NGA has also found efficiencies within the control allocation to programs, in part by fully leveraging inheritance and the inheritance model. In this session, learn about:
-- making the RMF work for you
-- compliance in waterfall and agile development environments
-- REVAMP (risk evaluation acceleration management process)
-- the tiered approach to controlled allocation