Course Description

Short Course | 30 hours 3.0 CEUs | $3,990

This course is focused on the proper assessment methods and procedures for controls defined in NIST SP 800-53 revision 4 and revision 5, as well as CNSSI 1253. This course is designed to provide Cybersecurity and Information Security Professionals that are responsible for the assessment of controls with the knowledge of control assessment methods, technologies, best practices, and techniques for proper assessment and documentation of assessment results in their environment. Students gain an understanding of the 2 new control families defined in NIST SP 800-53 R5 as well as the 18 families defined in SP 800-53 R4 and CNSSI 1253, and an in depth understanding of each control and how to assess each correctly.

Students gain an understanding of Control Assessment procedures; associated control assessment processes; implementation practices, techniques and technologies; roles and responsibilities; and artifacts development leading to U.S. Government information system authorization and approval during development and operations to include Information Security Continuous Monitoring (ISCM) assessments.

SEC550 is the second course in the Government Cybersecurity RMF Specialist. To complete the certificate students will also enroll in SEC525, & SEC575. Click on each course link for more details and to add to cart.

Course Outline

  • Introduction
  • Assessment principles
  • Control assessment of Federal Information Systems
  • Control assessment vs Penetration Testing
  • Control assessments and the RMF
  • Control assessments and the SDLC
  • Control assessment strategies
  • Control assessment Methods
  • Selecting qualified assessors
  • Foundations of control assessment
  • NIST Controls Overview
    • Management Controls
    • Operational Controls
    • Technical Controls
  • Manual vs automated assessment
  • In depth review of control families and control assessment procedures
    • Access Control
    • Awareness and Training
    • Audit and Accountability
    • Assessment, Authorization, and Monitoring
    • Configuration Management
    • Contingency Planning
    • Identification and Authentication
    • Individual Participation
    • Incident Response
    • Maintenance
    • Media Protection
    • Privacy Authorization
    • Physical and Environmental Protection
    • Planning
    • Program Management
    • Personnel Security
    • Risk Assessment
    • System and Services Acquisition
    • Systems and Communication Protection
    • System and Information Integrity
  • Assessment Documentation
    • Control Assessment Plan
    • Control Assessment Report
  • Control assessment Resources
  • Automated Control Assessment Tools

Learner Outcomes

Students learn and discuss the control assessment process integrated with the System Development Life Cycle to include roles and responsibilities; references; and guidelines. They complete exercises relevant to completing assessments, for example how to prepare for the assessment with a properly developed assessment plan, conducting the assessment, completing control artifacts for system authorization or continuous monitoring. Students will also learn and discuss the technologies, best practices, and procedures used in the control assessment. Other topics include life cycle activities in the DoD Instruction 8510.01 (RMF for DoD IT) NIST Special Publication (SP) 800-53 Security Controls, NIST assessment procedures, and enhancements to CNSS Instruction 1253. Training will include lectures and class discussions, class hands-on activities as well as individual hands on activities, case studies, and individual and team exercises.


  • Information System and Information Security experience.


30 Hours | 5 Days or 10 Nights

Applies Towards the Following Certificates

Enroll Now - Select a section to enroll in
Section Title
Risk Management Framework (RMF): Security Control Assessor
T, Th
Time (Central Time)
5:30PM to 8:30PM
Oct 08, 2024 to Nov 07, 2024
Schedule and Location
# of Course Hours
Delivery Option
Course Fee(s)
Rate non-credit $3,990.00
Potential Discount(s)
Required fields are indicated by .
*Academic Unit eligibility to be determined by college/university in which you are enrolled in a degree seeking program.