Official websites use .mil
Secure .mil websites use HTTPS
Robust risk management processes, including cybersecurity, that support capability experimentation, adoption, and operations, enabling resilient identification, mitigation, and recovery from threats or vulnerabilities.
The National Security Council guidance to federal agencies using AI in national security and defense contexts to mitigate potential risks from AI and ensure that AI use aligns with our country’s core values.
Framework to improve the ability to incorporate trustworthiness considerations into the design, development, use, and evaluation of AI products, services, and systems.
Cross-sectoral profile of and companion resource for the AI Risk Management Framework, specifically for Generative AI.
Provides one-stop access to cyber information, policy, guidance, and training for cyber professionals throughout the DoD, and the general public.
Establishes the cybersecurity Risk Management Framework (RMF) for DoD Systems and establishes policy, assigns responsibilities, and prescribes procedures for executing and maintaining the RMF.
U.S. General Services Administration resource to better understand the Authority to Operate (ATO) process.
Establishes the use cases and guidelines for evaluating a request for continuous authorization for a software factory and recommended processes required to generate a package.
Details a mature, proven, agile ecosystem that achieves the intent of the Risk Management Framework (RMF).
Brochure to help small businesses navigate the ATO process.