Army sites have a large number of facility-related control systems (FRCSs), often from different vendors. As a result, obtaining the risk-management framework (RMF) authorization for these systems can be challenging. Issues, such as integrating the control system with traditional information technology (IT) infrastructure, resolving the vulnerabilities in front-end software and code, and addressing a lack of support for encryption and other common-level services that a traditional IT system provides, all add significant cost to control system procurement. In the Army, many systems are undergoing RMF authorizations on a site-by-site basis. The Directorate of Public Works (DPW) staff are typically responsible for ensuring the cybersecurity of the traditional IT components of the control system, as well as the operational technology (OT) components. By leveraging common IT services and infrastructure, it is possible to reduce RMF-related costs while increasing the chances of successfully obtaining an authority to operate (ATO) for these control systems.