Home  >  ASQ Washington, DC &...  >  Events  >  Events & Networking  >  Software SIG: Overview of...   >>   Events Calendar  |  Suggest a Speaker  |  Program Feedback  |  Event Archives       Printable Version Tell a friend

Software SIG: Overview of the NIST Risk Management Framework as described in SP 800-37  

Patrick Henry Library, Vienna; FDA Silver Spring; MITRE Bedford MA; MITRE Eatontow; MITRE Aberdeen,
Patrick Henry Library, 101 Maple Ave E, Vienna, VA 22180
FDA, Bld 66, room G512, 10903 New Hampshire Avenue, Silver Spring, MD
Various, Maryland

May 24, 2011    6:30 pm - 8:30 pm

Overview of the NIST Risk Management

Framework as described in SP 800-37

by: Lance Kelson

Tuesday May 24, 2011

xxxx  xxxx

NIST SP 800-37 Rev 1, what’s changed?  What was the Guide for the Security Certification and Accreditation of Federal Information Systems is now the Guide for applying the Risk Management Framework to Federal Information Systems.  How is that different?   In addition, the basics of the Risk Management Framework as outlined in the updated 800-37 will be addressed.

Lance Kelson is currently the Department of the Interior (DOI) information security training program manager and an Adjunct Associate Professor teaching a graduate Information System Security course for Webster University on-site at Bolling Air Force Base.  He holds Project Management Professional, Certified Information System Security Professional, Certified Secure Software Lifecycle Professional, and Software Engineering Institute Capability Maturity Model Integration Appraiser certifications.  Mr. Kelson earned a Bachelor of Science in Industrial Engineering at Arizona State University and a Master of Business Administration at the University of Rochester.  Lance Kelson worked in private industry, mostly as an Information Technology Project Manager, before joining DOI.  He served as the HIPAA Security/Privacy Officer for a Medicaid Management Information System developer.  Mr. Kelson was a Certification Agent for a Learning Management System deployed throughout the Department of Homeland Security and for a Library of Congress Copyright Office Workflow Reengineering project.  He was also the Independent Verification and Validation (IV&V) team lead, project management and information assurance Subject Matter Expert for the Library of Congress project.

6:30 PM – Networking and Pizza(*)

7:00 - 8:00 PM – Program

(*) There is no cost to attend at McLean and Silver Spring.


The presentation will originate at the FDA facility, with video tele-conferencing (VTC) between:

MITRE, room 1N100

7515 Colshire Drive

McLean, VA 22102

host: Scott Ankrum

cell: 240-731-7581

FDA, Bld 66, room G512

10903 New Hampshire Ave

Silver Spring, MD 20993
host: James Simpson

cell: 301-996-4976



MITRE, room 2503

260 Industrial Way West

Eatontown, NJ 07724

host: Richard Eng

cell: 703-201-9112

MITRE, room 1M306

202 Burlington Rd (Rt. 62)

Bedford, MA 01730

host: Tim Rice

cell: 978-758-2704

For details and driving directions, see the May 2011 Software SIG Announcement.

If you can host another location via VTC, please contact Scott Ankrum (below)

TO ATTEND THE MeetingPlace Collaboration CONFERENCE:

1. Go to: http://audioconference.mitre.org/  2. Click on Attend Meeting. If MeetingPlace Collaboration Window does not automatically open, press connect.  3. Dial your telephone to connect to the audio of the meeting.

·        Dial 703-983-6338 (x36338) from the Washington DC region.

·        Dial 781-271-6338 (x16338) from the Bedford, MA region.

Meeting ID: 509509, when prompted.   Meeting Password: 05090509, when prompted.

Visit http://audioconference.mitre.org to test your web browser for compatibility with the web conference. Follow this link to the browser test link on the page.


Registration Website: http://www.asq509.org/ht/d/DoSurvey/i/26913