Defense One

DOD struggles with Risk Management Framework adoption

Moving the Defense Department's authorization process for IT systems from the DOD Information Assurance Certification and Accreditation Process to the Risk Management Framework was supposed to provide ...
Homeland Security Today

GAO: Ongoing DoD Fraud Risk Assessment Efforts Should Include Contractor Ownership

Some companies doing business with the Defense Department have opaque ownership structures that may conceal who owns, controls, or benefits from the company. The Government Accountability Office ...
Nextgov

DOD Recommends NIST Align Frameworks for Cybersecurity Risk Management

It’s time the National Institute of Standards and Technology point to how organizations should be assessing the risk they’re associating with systems when deciding what security controls to implement ...
War on the Rocks

Fixes for Risk Assessment in Defense

As I recently argued here at War on the Rocks, many of the current Defense Department approaches to risk and risk management could stand an overhaul. In discussions on national security, risk is ...
Homeland Security Today

GAO: DoD Must Weigh Climate Risks to Contractors as Part of Acquisition, Supply, and Risk Assessment

The Department of Defense relies on contracted goods and services to carry out missions. Since 2010, DOD has identified climate change as a threat to its operations and installations. Climate effects ...