10/1 Ask the Experts: Best Practices when implementing NIST RMF with Accenture Federal Services

Published on by Lisa Latour

The Risk Management Framework provides a process that integrates security and risk management activities into the system development life cycle. The risk-based approach to security control selection and specification considers effectiveness, efficiency, and constraints due to applicable laws, directives, Executive Orders, policies, standards, or regulations. ServiceNow and Accenture Federal Services have jointly developed a platform capability that provides a streamlined approach to managing the RMF steps and activities to help reduce complexity, reduce manual data entry, support the automated creation of RMF artifacts, and accelerate the assessment & authorization process.

Integrated Risk Management powered by ServiceNow:

Built in partnership with AFS and ServiceNow to develop the ServiceNow platform RMF 2.0 IRM capability to provide the latest features and functionality for a seamless, scalable, and extensible integrated federal assurance experience.
Is a Cyber Assurance Integration Framework (CAIF) leveraging Automation using Chatbot / RPA functionality in developing the A&A / ATO package to reduce manual input and complexity.
Streamlines Information Assurance (IA) with DevSecOps automation, solution delivery and sustainment activities to enable acceleration of Assessment and Authorization (A&A) / RMF activities and support the quick transition to an ongoing authorization operational model.
Integrates with ServiceNow GRC / IRM and Vulnerability Response modules to provide a single, integrated view for cyber assurance and reduce or eliminate manual process and data imports, and support efficient, automated artifact uploads.
Provides a holistic view into the overall assurance posture with real-time dashboards and reporting for every step of the RMF / CAIF process.

Featured Experts:

Matthew Fisher

Matthew Fisher is the Security and Risk Architect for ServiceNow's DoD/IC practice, where he helps customers automate their Security Operations Center, enhance their Vulnerability and Enterprise Risk programs as part of an integrated ITx team. Matt has a long history of proven performance architecting leading security solutions for the Federal government representing both startup and global technology companies such as Hewlett-Packard Enterprise. His experience spans both public and private sector and he is a trusted advisor to address tough challenges and drive customer success.

He came to ServiceNow with over 20 years of technical security experience in a variety of domains. He has an extensive background in technical software security and assurance, is a published security author, and has spoken at dozens of security, development, Defense and industry conferences around the world. Prior to starting his career in technology, Matthew served in the Army Infantry.

William Coffy

An experienced technology leader, Will has over 20 years experience delivering technology and cyber solutions to both commercial and US Federal clients, helping them solve their most complex business and security challenges. He is Currently a Senior Manager with Accenture Federal Services advising and delivering on the strategic adoption of digital platforms capabilities by the federal government.

As a technology executive, Will has supported the implementation of cyber assurance, security, and compliance capabilities across the government. Will is one of 60 ServiceNow Certified Master Architects worldwide, and his primary focus areas are the Security Operations and Governance, Risk, and Compliance platform capabilities.

Khushboo Doshi

Khushboo Doshi is an executive management professional with over 19 years of experience in leading the development and management of cybersecurity and audit projects for the federal and commercial sectors; generating innovative service offerings for enterprise information security and risk management; devising and implementing creative strategies to solve complex client problems; and producing measurable results that translate into revenue growth and high profitability. In her role as the Security Risk & Compliance Federal Portfolio Lead, she leads and cultivates a high performing team that develops security and audit strategy, architecture, engineering, policy and frameworks that address client’s most difficult mission challenges.

Extensive experience in ensuring FISMA, DIACAP, FedRAMP, OMB A-123, FISCAM and RMF compliance. Led information security risk assessments and served as the internal auditor for information security processes including risk identification, risk mitigation, and documentation.
Served as a security architect and trust advisor for client projects. Performed technical assessments, testing, and evaluation on information security technology products for securing and protecting computer applications, operating systems, and networks
Offers exceptional knowledge in advising senior management on strategic systems conversions and integrations in support of business goals and objectives. Ability to drive organic cyber and audit sales growth and origination on existing accounts

Recorded: Thursday, October 1, 2020

Join us on this discussion to watch the presentation and post your questions
(Video will be embedded below)

To Post questions, please log in to the community - it's free to join!

And Please Let our Experts know how they've helped! Comment Below!

Like, Share, Mark Helpful. Find More Events on the Community!