The Department of Defense (DOD) Information Assurance Certification and Accreditation Process (DIACAP) is undergoing its first transition and update since 2007. The new process is titled Risk Management Framework (RMF) and there are significant changes in the new guidance. Given the transition there are a number of implications for the training and simulation community for ensuring training systems maintain both their certification and their information security posture. Guidance for the transition has been evolving slowly with each the agencies initiating RMF implementation individually. The Program Executive Office for Simulation, Training, and Instrumentation (PEO STRI) follows Army guidance for the transition. This paper will define the formal requirements, new terminology, and discuss how the RMF risk assessment is determined. Additionally, we will capture the transition and migration of how PEO STRI will implement the Risk Management Framework. This paper will describe the tools that support the RMF implementation, such as the Knowledge Service (KS) and the Enterprise Mission Assurance Support Service (eMASS). We will describe the transition impacts for PEO STRI stakeholders such as contractors doing business with PEO STRI, system users, and Project Managers (PM). Each of the stakeholders will have unique concerns, impacts, and questions during the transition. There will be a number of challenges associated with transitioning to a new process that will be discussed. To conclude, we’ll provide guidelines to help the training and simulation community make the transition to RMF.