top of page
vCyberSec A&A Development Svcs LLC
RMF Step 3 - Implementation
Guidance: NIST SP 800-30; 37; 39; 53; 53A 137; CNSSI 1253F Attachments
-
Implement security controls
-
Analyzing scans (STIG, SCAP, ACAS, and Manual evaluations)
-
Documenting results of technical/manual test, interviews, and examinations
-
Provide justification for compliant and not applicable security controls
-
Initiate Plan of Action and Milestones for non compliant control
-
Provide remediation and mitigation strategy for vulnerabilities
-
-
Initiate System Risk Assessment Report
-
-
Client submission for assessment including supporting documents to 3rd Party Agent for compliance validation and recommendation to the Security Control Assessor
bottom of page