Contact: 571-249-1290

DSS Risk Management Framework

In June of 2018, the Defense Security Service (DSS) released the new DSS Assessment and Authorization Process Manual (DAAPM) detailing the latest requirements of the Risk Management Framework (RMF) in accordance with NIST 800-37 and NIST 800-53 Rev. 4.  

The new NIST 800-37 DSS Risk Management Framework is a significant undertaking for most organizations as all defense contractors with a classified system must now comply with the RMF process in order to receive or maintain their system authorization. 

 Sign Up for Free Consultation


As of January 14, 2020, Microsoft will no longer provide support or security updates for Windows 7. All DSS RMF - authorized systems running on Windows 7, will have to be re-authorized when they upgrade to Windows 10 or switch to a different operating system. As the implementation and authorization process can take several months, don’t wait until the deadline. Make preparations now to upgrade your system and re-authorize.

Schedule Consultation

RMF Steps

Organizations are responsible for implementing steps 1 – 4, which can take up to 90 days to complete. The authorization step conducted by DSS can also take up to 90 days, so organizations should start the DSS RMF process as soon as possible to avoid a lapse in system authorization.

Windows 7, DSS RMF

Our Services

Secure Open Solutions handles all aspects of DoD Risk Management Framework compliance including:

• DSS System Security Plan (SSP) • Security Controls Policies and Implementation • Incident Response Plan • Configuration Management Plan • Contigency Plan • Plan of Action & Milestones (POA&M) • Continuous Monitoring Support

Get Started

Secure Open Solutions © 2019 Phone: (571) 249-1290 | 5700 General Washington Drive, Suite H, Alexandria, VA 22312