DoDI 8500 8510 DIARMF signed?
It is 11 Mar 2014 and there is nothing at all officially distributed. Check here: http://www.dtic.mil/whs/directives/index.html
There is nothing posted on the DoD CIO site: http://dodcio.defense.gov/
Nothing on the DON CIO site: http://www.doncio.navy.mil/
Since 2011 I have been hearing about DIARMF –
Rumor has it, Ms Teresa Takai signed it. That means the next step is distribution.
Update:
DoDI 8500 and 8510 DIARMF have been signed and are in the process of being distributed
Implements References (c) through (f) by establishing the RMF for DoD IT (referred to in this instruction as “the RMF”), establishing associated cybersecurity policy, and assigning responsibilities for executing and maintaining the RMF. The RMF replaces the DoD Information Assurance Certification and Accreditation Process (DIACAP) and manages the life-cycle cybersecurity risk to DoD IT in accordance with References (g) through (k)
We have bee calling it DIARMF for years (because thats what they originally told us the name would be. But I guess the name will be RMF for DoD IT, or just RMF… I guess.
Since we did not know what to call it, we were calling it DIARMF even on resumes. Technically we should not have called it anything since it did not officially exist for 3 years. But the thing is that some of us were in the middle of Certification & Accreditation on major projects while they were telling us the ENTIRE process was about to change.
[…] 2014 – Risk Management Framework for DOD IT […]