Skip subpage navigation
The Defense Health Agency has a process called the Risk Management Framework (RMF). This process is provided by the Risk Management Executive Division for Information System (IS) and Platform IT (PIT) Systems.
The RMF provides a structured process. It combines IS security and risk management activities into the system development lifecycle. It also authorizes their use within DOD and DHA. It provides you the capabilities to effectively manage information security risks. This includes ever-increasing system vulnerabilities and sophisticated cyber threats in diverse environments.
We established the DHA RMF Portal to give guidance, templates, and training to the Information System Security Managers (ISSMs).
The RMF Interactive Workflow Diagram shows the requirements for assessment and authorization. This is a high level guide. It works with other DHA RMF guides available to ISSMs.
You also may be interested in...
Publication
Sep 2, 2022
.PDF |
984.93 KB
The RMF is the process that the Information System Security Managers use to get and maintain an Authority To Operate (ATO).
Policy
Mar 12, 2014
This Instruction reissues and renames DOD Instruction (DODI) 8510.01 in accordance with the authority in DOD Directive (DODD) 5144.02. It also establishes the RMF for DoD IT (referred to in this Instruction as “the RMF”), establishing associated cybersecurity policy, and assigning responsibilities for executing and maintaining the RMF.
- Identification #: 8510.01
- Type: Instruction
You are leaving Health.mil
The appearance of hyperlinks does not constitute endorsement by the Department of Defense of non-U.S. Government sites or the information, products, or services contained therein. Although the Defense Health Agency may or may not use these sites as additional distribution channels for Department of Defense information, it does not exercise editorial control over all of the information that you may find at these locations. Such links are provided consistent with the stated purpose of this website.
You are leaving Health.mil
View the external links disclaimer.
Last Updated: July 11, 2023