UNLIMITED FREE ACCESS TO THE WORLD'S BEST IDEAS

close
Already an Engineering360 user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your Engineering360 Experience

close
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

AIR FORCE - AFI 17-101

RISK MANAGEMENT FRAMEWORK (RMF) FOR AIR FORCE INFORMATION TECHNOLOGY (IT)

active, Most Current
Organization: AIR FORCE
Publication Date: 6 February 2020
Status: active
Page Count: 41
scope:

Purpose.

This AFI provides implementation instructions for the implementation of the Risk Management Framework (RMF) methodology for Air Force (AF) Information Technology (IT) in accordance with AFPD 17-1, and AFI 17-130, Air Force Cybersecurity Program Management.

The RMF incorporates strategy, policy, awareness/training, assessment, continuous monitoring, authorization, implementation, and remediation.

The RMF aligns with Secretary of the Air Force/ Deputy Chief Information Officer (SAF/CN) strategic goals and objectives key concept of cybersecurity that works which requires robust risk assessment and management.

The RMF process encompasses life cycle risk management to determine and manage the residual cybersecurity risk to the AF created by the vulnerabilities and threats associated with objectives in military, intelligence, and business operations.

Privacy and security controls are implemented based on the assessed and mitigated residual risk. The controls align with Department of Defense Instruction (DoDI) 8510.01, Risk Management Framework (RMF) for DoD Information Technology (IT) and are documented in the RMF security authorization package for AF IT.

Document History

AFI 17-101
February 6, 2020
RISK MANAGEMENT FRAMEWORK (RMF) FOR AIR FORCE INFORMATION TECHNOLOGY (IT)
Purpose. This AFI provides implementation instructions for the implementation of the Risk Management Framework (RMF) methodology for Air Force (AF) Information Technology (IT) in accordance with...
February 2, 2017
RISK MANAGEMENT FRAMEWORK (RMF) FOR AIR FORCE INFORMATION TECHNOLOGY (IT)
Purpose. This AFI provides implementation instructions for the Risk Management Framework (RMF) methodology for Air Force (AF) Information Technology (IT) according to AFPD 17-1, Information...

References

Advertisement