Cov txheej txheem:

Thaum twg RMF raug siv?
Thaum twg RMF raug siv?
Anonim

Keeb kwm tsim los ntawm Department of Defense (DoD), lub RMF tau txais kev pom zoo los ntawm tus so ntawm US tsoom fwv cov ntaub ntawv systems nyob rau hauv 2010. Niaj hnub no, lub RMF yog tswj hwm los ntawm National Institute of Standards and Technology (NIST), thiab muab lub hauv paus ruaj khov rau txhua qhov kev ruaj ntseg cov ntaub ntawv.

Tib neeg kuj nug tias, RMF lub hom phiaj yog dab tsi?

Kev Tswj Xyuas Kev Ruaj Ntseg ( RMF ) yog "cov ntaub ntawv kev ruaj ntseg zoo ib yam" rau tsoomfwv thiab nws cov neeg cog lus. Cov hom phiaj ntawm RMF yog: Txhim kho cov ntaub ntawv kev ruaj ntseg. Txhawm rau ntxiv dag zog rau cov txheej txheem tswj kev pheej hmoo. Txhawm rau txhawb kom muaj kev sib raug zoo ntawm tsoomfwv cov koomhaum.

Ib sab saum toj no, thaum twg RMF hloov Diacap? CEEB TOOM: Raws li ntawm Lub Peb Hlis 12, 2014 (txawm tias txoj kev hloov pauv yuav muaj li ntawm Tsib Hlis 2015 ), DIACAP yuav tsum tau hloov los ntawm "Risk Management Framework (RMF) rau DoD Information Technology (IT)" Txawm hais tias rov lees paub txuas ntxiv mus txog lig 2016, cov tshuab uas tseem tsis tau pib lees paub los ntawm Tsib Hlis 2015 yuav

Kuj tseem paub yog, koj siv RMF li cas?

RMF yog 6-kauj ruam txheej txheem raws li qhia hauv qab no:

  1. Kauj ruam 1: Categorize Information Systems.
  2. Kauj ruam 2: Xaiv Kev Tswj Xyuas Kev Ruaj Ntseg.
  3. Kauj Ruam 3: Siv Kev Tswj Xyuas Kev Ruaj Ntseg.
  4. Kauj Ruam 4: Ntsuas Kev Tswj Xyuas Kev Ruaj Ntseg.
  5. Kauj Ruam 5: Tso Cai Cov Ntaub Ntawv Txheej Txheem.
  6. Kauj Ruam 6: Saib Xyuas Kev Tswj Xyuas Kev Ruaj Ntseg.

Leej twg tsim kev tswj hwm kev pheej hmoo?

NIST Kev Tshaj Tawm Tshwj Xeeb 800-37, "Cov Lus Qhia rau Kev Thov Risk Management Framework rau Federal Information Systems", tsim tawm los ntawm Pawg Neeg Ua Haujlwm Pabcuam Kev Hloov Pauv Hloov Pauv, hloov pauv cov txheej txheem C&A (C&A) ib txwm muaj Risk Management Framework (RMF).

Pom zoo: