摘要:The Department of Defense is transitioning from the legacy Defense Information Assurance Certification and Accreditation Process to the Risk Management Framework process. For the Navy, this transition is much more than a process change. By leveraging the Navy’s technical authority processes, the focus shifts from DIACAP’s vulnerability-based assessment to the RMF’s risk-based assessment.
