As
a System Security Engineer most of my work has been on DITSCAP (SOON DIACAP)
Certification and Accreditation and producing System Security
Authorization Agreements. But now the government is have us SSEs do
Information Support Plan (formerly C4ISP). Anyway, the Program Managers
want us to do it.
While it is a little frustrating that I'm
stepping out of my security world and into Acquisitions, I can see the
potential for growth as I'm force to learn the Military equivalent of a
Business Continuity Plan.
Once I get a handle on the ISP I have a feeling that it will lead me to great things.
Ready to actually get the RMF/ISSO job?
Go from reading about the Risk Management Framework to doing it — with the full video course, the books, and a community of GRC professionals taught by Bruce Brown (CISSP, CGRC).
Get the RMF ISSO Foundations course → Browse the RMF & GRC books Join the free GRC community
Leave a Reply