Learn what the Risk Management Framework is, how it is laid out, the pieces, and understand the basis for it along the lines of cyber compliance.

See how roles, groups and permissions affect the screen, menu, and functions of OpenRMF Professional from a security standpoint.

View OpenRMF Professional in a general sense to see the screen layout, menus, areas of concentration, templates, reports, and other functions to become familiar with the look, feel, and navigation.

See how you setup your system package to track your ATO, IATT, ATC, Type accreditation or your accreditation boundary as a package. This allows you to setup your RMF or FedRAMP level, add tailoring and overlays, setup POC information, and get ready to upload scans and generate your POAM and compl...

This video explains NIST control and subcontrols as it pertains to overlays, tailoring and your ATO package. This affects reporting and compliance for your entire package.

See how OpenRMF Professional uses templates for checklists for your SCAP and Audit Compliance scans. Match templates to scan types. Create and use organizational templates for boilerplate answers. And create checklists from blank templates easily in your system package.

See how notifications are used with OpenRMF Professional to keep you informed of what is happening in your system packages.

This video explains how you can upload your checklist CKL files, raw SCAP scan results as well as raw Compliance Scan results to create the needed compliance checklists. Match the scans to templates automatically to fill in the vulnerability information and find where you stand from a compliance ...

Demonstration on how to upgrade and Bulk Upgrade checklists using OpenRMF Professional.

See how you can use the bulk features for editing and locking checklists and individual checklist vulnerabilities across your entire ATO package. Save time, have consistent results, and remove false positives with these great features.

This section demonstrates how to using the principle of tagging checklists using OpenRMF Professional

See how you can upload or import Nessus patch vulnerability scans and Rapid7 Nexpose full audit scans to track patch vulnerabilities over time. Also automatically load your ports, protocols, and services listing. Fill in your hardware listing. And generate your software listing all from those sam...

This is a demonstration on how to or uploading Software, Container and Log scans results into OpenRMF Professional

See how you can use, save, import, and share compliance statements in your system package to track all controls even when not matched in an automated scan. Download filtered lists to use in other system packages to share statements. And use these when generating your compliance.

This goes over the Live Plan of Action and Milestone, (POAM), Mitigation Statements and Milestone Events and how each are used to manage your package.

Demonstration on how to generating compliance, saving and tracking compliance using OpenRMF Professional.

Demonstration of how you can apply weights to your vulnerabilities and findings to automate Cyber Readiness scoring and documentation delivery.

Demonstration on how to upload and retrieve an image and documents to Vulnerability Items in Checklists, POAM Items and Compliance Statements

This shows how to create Team Subpackages, apply assets to those packages to give your teams access to the checklists, patch information related to their function. This will allow your team to provide you with information for your system package without giving them access to the entire package.

How to utilize OpenRMF Professional to pull reports on system package information easy and effectively.

Demonstration on how to export documentation and checklists from OpenRMF Professional.

This video shows how system owners, PMs, ISSOs and ISSEs can setup a new system package in OpenRMF Professional to track an ATO, accreditation boundary or type accreditation successfully. Upload and configure initial compliance and mitigation statements. Setup tailoring and overlays. And get the ...

This video shows how you can load CKL files, audit compliance scan results, patch scan results, SCAP results, and fill out the checklists and host data for your system package. We review history, tracking, trends, scores, as well as filtering checklists by their open category vulnerabilities.

This video shows how you can create and start your live POAM from all your compliance data, as well as generating your compliance snapshot against all your checklist, compliance statement, and inherited controls informations.

This video shows how you can edit checklists, show the changes, track history of checklist updates, as well as see the automation when updating the status in the checklist as it applies to the POAM.

This video shows how a corporate level, manager, director, branch head or other management user can have read-only access into your system package to track information. They can run reports, see CCRI, view trends and checklist vulnerabilities as well as see compliance generated and the live POAM.

This video is from the viewpoint of showing an assessor or authorizing official (i.e. NAO) all data for the cyber compliance. Open vulnerabilities, patch data, hosts, compliance, POAM entries as well as run reports for the data they need for assessment.

This video shows how you can take DISA and other checklist templates, pre-fill out areas and status, lock vulnerabilities, and use as Organizational or System Package checklists for tracking compliance.

This video explains bulk editing vulnerabilities, bulk lock/unlock vulnerabilities, locking checklists, tracking checklist updates, and regenerating compliance over time to track trends and status of your system package.