Recent Articles

The Common Control Conundrum

What are Common Controls? Common controls are security controls that can support multiple information systems efficiently and effectively as a common capability. They typically define the foundation of a system security plan. Common controls are the security controls you need to do the most work to identify when developing your risk-based cybersecurity strategy and your system...

Think INSIDE the Box

Data Residency and Risk Management Data residency analysis is the process of determining the physical or geographic location of the data and digital artifacts that reside in your information system.  Luckily data residency for US public sector agencies is well defined.  The data and information resources of US government systems it needs to reside within...

Know Your Boundary

Do You Know Your RMF Boundaries? The first step in the six step risk management framework (RMF) process is categorizing your system.  The first step in categorizing your system is establishing the system boundary.  The boundaries of your system and how you categorize it will  drive your risk management strategy.  Your risk management strategy in...

Office 365 Government New Features!

Legacy systems for government workers are often clunky and inefficient. Fortunately, with new features and updates from Office 365 Government, personnel get access to the latest technology and software with the ease and intuitiveness of a home PC Windows system. That allows government employees to be much more productive while at the same time working...

What is ATO as a Service™?

The process to obtain a FedRAMP/Risk Management Framework (RMF) Authority To Operate (ATO) is very time consuming, manual, and paper-intensive. Until now! Introducing ATO as a Service™, an innovative Software as a Service (SaaS) that expedites FedRAMP/RMF processes, auto-generates authorization package documents, and automates continuous monitoring for your Microsoft Cloud-hosted information systems. cFocus Software has...

SharePoint Case Study – AFDW

cFocus Software was tasked to stabilize, manage and support Air Force District of Washington’s (AFDW)’s SharePoint environment as well as perform a major SharePoint migration from SharePoint 2007 to SharePoint 2013. As a result of cFocus’ SharePoint work, AFDW can now operate efficiently and effectively without, frequent SharePoint outages. With the implementation of SharePoint 2013...

RMF, Security Plans, POAMs: All Dynamic

Anyone who has ever used the Risk Management Framework (RMF) in two or more different organizations can attest to how dynamic RMF, Security Plans, and Plans of Action and Milestones (POAMs) are. They are so dynamic, in fact, that no two organizations utilize them the same. That’s one of the things that Information Assurance professionals...