Hello fellow candidates,
Curious on others thoughts regarding DIACAP being replaced with RMF. Based on the NIST listed as additional resources, it seems like it would be more beneficial to focus on the RMF process and how it fits into information systems security engineering.
The original CBK gets into DIACAP and NIACAP but I think I'm just going to read it for context but really focus more on RMF.
Curious on how you all are approaching this particular topic. Thanks.
DIACAP and NIACAP are no longer relevant. Stick to learning RMF and 800-53, rev 5
You actually might come across some job postings or even systems mentioning DIACAP to RMF and that is because they have not completed transition (note it should have been done prior to 2014). Regardless it would be addressed in the new system registration. National Institute of Standards and Technology | NIST has not only a "free" training on RMF but also plenty of regulations and publications to review to become familiar with the process. Good to know if you plan on doing government contracting or employee providing system IT support.
OMG if an agencies system has not followed the prescribed transition guidance (here on page 43) by now then explore other career enhancing opportunities...also stay away from postings that use scrabble as an input for job descriptions... next they will be asking if you know DITSCAP... in which case run!
Thank you all for the insight and thoughts. Just wanted to make sure I had the right frame of thought.
does rmf come up in the issap exam ?