Example Track 1

Thinking Outside the Security Box

Nov 19, 2019

9:20 AM - 9:40 AM

Monica Montgomery

Chief, Risk Management, Cybersecurity Office

National Geospatial-Intelligence Agency

The National Geospatial-Intelligence Agency (NGA) has developed efficiencies in its compliance with the Risk Management Framework (RMF) that it hopes to leverage in the context of FedRAMP. NGA has brought flexibility to its application of RMF processes it deemed too rigid for an agile development environment. NGA has also found efficiencies within the control allocation to programs, in part by fully leveraging inheritance and the inheritance model. In this session, learn about:
-- making the RMF work for you
-- compliance in waterfall and agile development environments
-- REVAMP (risk evaluation acceleration management process)
-- the tiered approach to controlled allocation