Risk Management Framework (RMF)

Changes in Federal and Department of Defense cybersecurity guidance have created the need for Government clients to implement the RMF on Industrial Control Systems (ICS’s) in addition to more traditional information systems. These requirements apply to systems in phases of their life cycle. Cybersecurity protections must, therefore, be include in new designs as well as back fit into legacy systems. This can sometimes pose a problem for Clients since, until recently,  cybersecurity controls were not incorporated into ICS designs.

Gibbs & Cox subject matter experts can help Clients in all phases of the RMF process. We understand how system functional and cost requirements must be balanced against the threat posed by the various system vulnerabilities. Additionally, our staff has the knowledge and experience necessary to guide Clients through the RMF process in order to obtain an Authority to Operation (ATO) for their system.