NetCentrics implements Risk Management Framework for US Coast Guard


US-based NetCentrics Corporation has implemented the Department of Defense's (DoD) Risk Management Framework (RMF) for the US Coast Guard.

The transition of RMF was completed in February this year.

RMF has been developed by the National Institute of Standards and Technology (NIST) and is designed to create a shared information security framework across the federal government and its contractors.

It offers an advance cybersecurity feature over legacy programmes, such as the DoD Information Assurance Certification and Accreditation Process (DIACAP).

DoD Directive 8510.01 established the RMF for DoD IT in place of DIACAP on 12 March 2014.

RMF is already used by few civil service agencies and the intelligence communities, while the US DoD is still at the early phase of adoption of the technology.

NetCentrics CEO Bob Dougherty said: "IT security has been steadily moving away from strict compliance toward a risk-based approach coupled with continuous monitoring.

"The Coast Guard is leading the way for DoD by fully transitioning to the Risk Management Framework, which takes both a risk assessment and risk management approach coupled with continuous monitoring practises."

RMF framework aligns with the federal government's Continuous Diagnostics and Mitigation (CDM) programme, which is intended principally for civilian agencies.

NetCentrics provides enterprise systems management, solutions engineering, application development, cybersecurity services and innovation services to the US DoD, Homeland Security and other federal agencies.