What is eMASS?

About the Speaker

Joshua Burnett is a former Senior Consultant at Defense Information Systems Agency (DISA) and currently an instructor and curriculum developer for eMASS training courses.

What is eMASS – Video Transcript

“eMASS is the automated tool selected by DoD CIO and DISA to automate the entire RMF process. We have transitioned from DIACAP to Risk Management Framework as directed by NIST and DISA guidance.

That transition requires a vast majority of systems to transition over from DIACAP to RMF within eMASS.

eMASS is an automated tool that allows the entire approval chain to automate their input into the Risk Management Framework A&A process. Every single step within eMASS A&A involves someone within the A&A chain; the seven roles inside the A&A chain, to partake in using emass.

eMASS starts at project creation and does not end until a system is actually bedded down at the end of its lifecycle. It supports primarily the registration process and package creation process for Risk Management Framework and then it ends with continuous monitoring; the sixth step, the last step of Risk Management Framework. eMASS allows the entire IA chain to take part in the entire approval process.