UNLIMITED FREE ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already an Engineering360 user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your Engineering360 Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

DODD 8510.01 CE-03

Risk Management Framework (RMF) for DoD Information Technology (IT)

active, Most Current
Organization: DODD
Publication Date: 29 December 2020
Status: active
Page Count: 47
scope:

PURPOSE.

This instruction:

a. Reissues and renames DoD Instruction (DoDI) 8510.01 (Reference (a)) in accordance with the authority in DoD Directive (DoDD) 5144.02 (Reference (b)).

b. Implements References (c) through (f) by establishing the RMF for DoD IT (referred to in this instruction as "the RMF"), establishing associated cybersecurity policy, and assigning responsibilities for executing and maintaining the RMF. The RMF replaces the DoD Information Assurance Certification and Accreditation Process (DIACAP) and manages the lifecycle cybersecurity risk to DoD IT in accordance with References (g) through (k).

c. Redesignates the DIACAP Technical Advisory Group (TAG) as the RMF TAG.

d. Directs visibility of authorization documentation and reuse of artifacts between and among DoD Components deploying and receiving DoD IT.

e. Provides procedural guidance for the reciprocal acceptance of authorization decisions and artifacts within DoD, and between DoD and other Federal departments and agencies, for the authorization and connection of information systems (ISs).

Document History

DODD 8510.01 CE-03
December 29, 2020
Risk Management Framework (RMF) for DoD Information Technology (IT)
PURPOSE. This instruction: a. Reissues and renames DoD Instruction (DoDI) 8510.01 (Reference (a)) in accordance with the authority in DoD Directive (DoDD) 5144.02 (Reference (b)). b. Implements...
DODD 8510.01 CE-02
July 28, 2017
Risk Management Framework (RMF) for DoD Information Technology (IT)
PURPOSE. This instruction: a. Reissues and renames DoD Instruction (DoDI) 8510.01 (Reference (a)) in accordance with the authority in DoD Directive (DoDD) 5144.02 (Reference (b)). b. Implements...
DODD 8510.01
May 24, 2016
Risk Management Framework (RMF) for DoD Information Technology (IT)
PURPOSE. This instruction: a. Reissues and renames DoD Instruction (DoDI) 8510.01 (Reference (a)) in accordance with the authority in DoD Directive (DoDD) 5144.02 (Reference (b)). b. Implements...
DODD 8510.01
March 12, 2014
Risk Management Framework (RMF) for DoD Information Technology (IT)
PURPOSE. This instruction: a. Reissues and renames DoD Instruction (DoDI) 8510.01 (Reference (a)) in accordance with the authority in DoD Directive (DoDD) 5144.02 (Reference (b)). b. Implements...
DODD 8510.01 11/28/07
November 28, 2007
DoD Information Assurance Certification and Accreditation Process (DIACAP)
APPLICABILITY AND SCOPE This Instruction applies to: The Office of the Secretary of Defense (OSD), the Military Departments, the Office of the Chairman of the Joint Chiefs of Staff, the Combatant...

References

This document references:
DODD 5000.02 - Operation of the Defense Acquisition System
Published by DOD on August 31, 2018
PURPOSE. This instruction: a. In accordance with the authority in DoD Directive (DoDD) 5000.01 (Reference (a)) and DoDD 5134.01 (Reference (cm)), reissues the interim DoD Instruction 5000.02...
This document references:
DODD 5000.02 - Operation of the Defense Acquisition System
Published by DOD on August 31, 2018
PURPOSE. This instruction: a. In accordance with the authority in DoD Directive (DoDD) 5000.01 (Reference (a)) and DoDD 5134.01 (Reference (cm)), reissues the interim DoD Instruction 5000.02...
This document references:
DODD 5105.53(D) 02/26/2008 - DIRECTOR OF ADMINISTRATION AND MANAGEMENT (DA&M)
Published by DODD on February 26, 2008
PURPOSE This Directive: Reissues Reference (a) to update the responsibilities, functions, relationships, and authorities of the DA&M under the authority vested in the Secretary of Defense by section...
This document references:
DODD 5144.02(D) CE-01 - DoD Chief Information Officer (DoD CIO)
Published by DODD on September 19, 2017
PURPOSE. Under the authority vested in the Secretary of Defense by section 113 of Title 10, United States Code (U.S.C.) (Reference (a)), this directive: a. Assigns the responsibilities, functions,...
This document references:
DODD 5200.02 CE-03 - DoD Personnel Security Program (PSP)
Published by DODD on September 24, 2020
PURPOSE. This Instruction: a. Reissues DoD Directive (DoDD) 5200.2 (Reference (a)) as a DoD Instruction (DoDI) in accordance with the authority in DoDD 5143.01 (Reference (b)) to establish policy,...
This document references:
DODD 8000.1 - MANAGEMENT OF DOD INFORMATION RESOURCES AND INFORMATION TECHNOLOGY (ADMINISTRATIVE REISSUANCE INCORPORATING CHANGE 1, MARCH 20, 2002), DODD 7740.1-G)
Published by DOD on March 20, 2002
This Directive applies to: The Office of the Secretary of Defense, the Military Departments, the Chairman of the Joint Chiefs of Staff, the Combatant Commands, the Inspector General of the Department...
This document is referenced by:
DODD 5000.90 - CYBERSECURITY FOR ACQUISITION DECISION AUTHORITIES AND PROGRAM MANAGERS
Published by DODD on December 31, 2020
Purpose: In accordance with the authority in DoD Directive (DoDD) 5135.02, this issuance establishes policy, assigns responsibilities, and prescribes procedures for the management of cybersecurity...
This document is referenced by:
AFMAN 13-1AOC VOL 3 - OPERATIONAL PROCEDURESAIR OPERATIONS CENTER (AOC) OPERATIONS CENTER (OC)
Published by AIR FORCE on December 18, 2020
A description is not available for this item.
This document is referenced by:
AFI 99-103 - CAPABILITIES-BASED TEST AND EVALUATION
Published by AIR FORCE on November 18, 2019
Purpose of Test and Evaluation. The purpose of test and evaluation is to ensure DoD acquires systems that work and meet specified requirements. Additionally, overarching functions of test and...
This document is referenced by:
SECNAV 5000.2G - (ASN (RD&A)) DEPARTMENT OF THE NAVY IMPLEMENTATION OF THE DEFENSE ACQUISITION SYSTEM AND THE ADAPTIVE ACQUISITION FRAMEWORK
Published by NAVY on April 8, 2022
Purpose. This instruction: a. Prescribes DON-specific program acquisition and sustainment policies and procedures that supplement applicable Department of Defense (DoD) issuances to provide for the...
View Less
View All
Advertisement