@misc{0c4b585aff414a8480563d87b7d55e05,
title = "Automation for Distributed Energy Resources Risk Manager Using OSCAL",
abstract = "The risk management framework (RMF) provides a well-organized and thorough approach to diagnose information technology (IT) system threats, to gather required materials to comply with industry standards, and to document a plan for achieving authority to operate (ATO). ATO is given by the operating authority with the awareness of vulnerabilities that arise when operating the IT system. The primary goal of the National Renewable Energy Laboratory{\textquoteright}s (NREL{\textquoteright}s) distributed energy resource (DER) RM application is to provide a user-friendly interface and in-depth guidance for generating the authorization package for the authorizing official to review. In other words, the application satisfies steps 1 through 7 of the RMF process with a focus on DERs.",
keywords = "cybersecurity, DER-RM, OSCAL",
author = "Anuj Sanghvi and Paul Wand",
year = "2021",
language = "American English",
series = "Presented at the 2nd Open Security Controls Assessment Language (OSCAL) Workshop, 2-3 February 2021",
type = "Other",
}