DEPARTMENT OF THE NAVY
USMC, US NAVY, DEPARTMENT OF THE NAVY
1000 NAVY PENTAGON
WASHINGTON DC 20350-1000
JOINT MEMORANDUM FOR DISTRIBUTION
Subj: Rapid Assess and Incorporate Software Engineering 2.0
Ref: (a) Department of Defense Instruction (DoDI) 8510.01, Risk
Management Framework (RMF) for DoD Information
Technology (IT), Jul 17, change 3, Dec 2020
(b) Department of Defense (DoD) Enterprise DevSecOps
Strategy Guide 2.0, Oct 2021
(c) Department of Navy Strategic Intent for Software
Modernization, Aug 2021
(d) Rapid Assess and Incorporate Software Engineering
(RAISE) 2.0 Implementation Guide, Oct 2022
1. This memorandum announces the Rapid Assess and Incorporate
Software Engineering (RAISE) 2.0 Implementation Guide in
accordance with references (a) through (d). RAISE 2.0 supports
direction from reference (c) to maximize practices that
prioritize security throughout the software development
lifecycle. Effective immediately, all programs with new software
starts and/or upgrades using containerized technologies must use
the RAISE 2.0 Implementation Guide.
2. RAISE 2.0 incorporates Agile and DevSecOps principles to
streamline and accelerate the RMF process using automation,
cyber verification tools, and certified Continuous Integration /
Continuous Delivery (CI/CD) pipelines to ensure containerized
software applications are built, tested, and deployed secure.
3. Using RAISE 2.0, containerized software applications will be
assessed and incorporated into an existing RAISE Platform of
Choice (RPOC) Authority to Operate (ATO) and are not required to
have a separate ATO.
4. The RAISE 2.0 Implementation Guide has been developed with
input from both the US Navy and US Marine Corps. The Services
may maintain internal guidance aligned with this policy sharing
any updates within the DON
5. Any programs with new software starts and/or upgrades using
containerized technologies that require an exception to this
policy must be escalated through respective Service chains of
command to the appropriate Deputy DON Senior Information
Security Officer as required to resolve in a timely manner.
