For those who work for the DoD or DHS

philz1982 Member Posts: 978
I need to know from a software vendor perspective. How do I:

Determine the Vendor Policies for the specific department in regards to cyber security.

For example, according to DIARMF I need to: categorize the system with FIPS 199, then select controls from CNSSI 1253, implement controls with 800-53A, perform A&A with 800-37, and do continuous monitoring with 800-137.

So what would I do for DHS, the Federal Government, NERC, etc.? I have an interview coming up and this is my weak area. I get the DIARMF and have run through the process, but I am weak on DHS, Fed, and NERC guidelines.

In my new role I would be responsible for coordinating certification and incident response with the Federal government.

Thanks,

-Phil