Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.
The six steps of the Risk Management Framework gives agencies a high-level process to evaluate systems and data.
The Defense Information Systems Agency is bringing the concept of risk down a level.
Roger Greenwell, the chief information officer, the authoring official and risk management executive at DISA, said the agency is looking to its user community to better understand risk as cloud and agile become standard processes.
“Where we are facing an evolution is the fact that cloud development, agile development methods and the dev/sec/ops type of roles is forcing us to change and be able to rapidly make those decisions, where as many of our processes are almost geared around the more traditional waterfall development where these things occur in sequence: here’s a release of code, doing an assessment of authorization and assessment and all of it takes time,” Greenwell said on Ask the CIO. “You have to be able to change and rapidly make those decisions. That is where automation and technology is going to play a huge…
