The Risk Management Framework (RMF) Accelerator is a web-based system designed to streamline and automate the Authority to Operate (ATO) process with intuitive, self-guided navigation that simplifies the following RMF steps, in compliance with NIST SP 800-53, Rev 5:

• Step 1: Categorize Information System
• Step 2: Select Security Controls
• Step 3: Implement Security Controls (and submit ATO package)

The RMF Accelerator assists Information System and Facility Owners with:

• • Understanding control requirements, descriptions and supplemental guidance;

• • Automating selection and tailoring of security controls;

• • Gathering information about the implementation of applicable security controls and the operating environment;

• • Supporting assessment of the adequacy of required protective measures and automating the creation and management of Plan of Action & Milestones;

• • Reducing time to generate the System Security Plan (SSP) to support the security assessment in eMASS, CFACTS, and other similar systems;

• Providing greater transparency into control baseline changes, remediation items, residual risk, ATO status and overall readiness of the system/facility for accreditation.

RMF Accelerator enables selection of control families, security controls and sub-controls, based on Confidentiality, Integrity and Availability (CIA) impact level as Low, Moderate or High.