Course Description

This course is focused on the transition to the new RMF v2.0 that is taking place within federal government departments and agencies, the Department of Defense (DoD) and the Intelligence Community (IC). This course is designed to provide Cybersecurity and Information Security Professionals who are responsible for implementing the unified federal Risk Management Framework (RMF) with the knowledge, understanding and practices needed to apply the relevant DoD, NIST and CNSS publications to their work environment. Students will gain an understanding of the Risk Management Framework; associated risk management and assessment processes; implementation practices, techniques and technologies; roles and responsibilities; and artifacts development leading to U.S. Government information system authorization. Students will also learn and discuss the RMF seven (7) step process integrated with the System Development Life Cycle, including roles and responsibilities, references, and guidelines. They will complete exercises relevant to executing the RMF - for example, how to prepare for the RMF, categorize an information system, select security controls, and complete various RMF artifacts for system authorization. Students will also learn and discuss the technologies, best practices, and procedures used in implementing the RMF. Other topics include life cycle activities in the DoD Instruction 8510.01 (RMF for DoD IT), NIST Special Publication (SP) 800-53 Security Controls, NIST assessment procedures, and enhancements from CNSS Instruction 1253. Training will include lectures and class discussions, class hands-on activities as well as individual hands-on activities, case studies, and individual and team exercises.

Course Outline

  • Introduction
  • Cybersecurity principles
  • Risk management of Federal Information Systems
  • Threats and issues
  • Framework and methodologies of information system risk assessment and management aligned to the RMF
  • Federal policies, instructions, and guidelines for implementing the RMF
  • Foundations of Information Security and Risk Management
  • RMF Life Cycle Process
    • Prepare Step – Organization
    • Prepare Step – System
    • Categorize System Step
    • Select Controls Step
    • Implement Controls Step
    • Assess Controls Step
    • Authorize System Step
    • Monitor Controls Step
    • Roles and Responsibilities, References and Guidelines
  • RMF Documentation
  • System Security Plan
  • Security Assessment Report
  • NIST Controls
    • Security Controls
    • Management Controls
    • Operational Controls
    • Technical Controls
    • Controls Assessment
  • RMF Resources
  • Automated Security Tools
  • DIACAP to RMF Transition

Prerequisites

Information System and Information Security experience.

Duration

24 Hours | 4 Days or 8 Nights

Enroll Now - Select a section to enroll in

Section Title: Applying the Risk Management Framework (RMF) and NIST Controls
Type: Instructor-Led
Days: T, Th
Time (Central Time): 5:30PM to 8:30PM
Dates: Jul 19, 2022 to Aug 18, 2022
# of Course Hours: 30.0
Course Fee(s): Rate non-credit $3,595.00

Section Title: Applying the Risk Management Framework (RMF) and NIST Controls
Type: Instructor-Led
Days: T, Th
Time (Central Time): 5:30PM to 8:30PM
Dates: Aug 23, 2022 to Sep 15, 2022
# of Course Hours: 24.0
Course Fee(s): Rate non-credit $3,595.00

Section Title: Applying the Risk Management Framework (RMF) and NIST Controls
Type: Instructor-Led
Days: M, W
Time (Central Time): 5:30PM to 8:30PM
Dates: Sep 12, 2022 to Oct 05, 2022
# of Course Hours: 24.0
Course Fee(s): Rate non-credit $3,595.00

*Academic Unit eligibility to be determined by college/university in which you are enrolled in a degree seeking program.