Course Description

Certificate 72 hours 7.2 CEUs $9,970

A compilation of our courses: Applying the Risk Management Framework (RMF) and NIST Controls, Security Control Assessment, Information Security Continuous Monitoring (ISCM).

SEC525 - Applying the Risk Management Framework (RMF) and NIST Controls

24 Hours | 2.4 CEUs | $3,595

  • This course is focused on the transition to the new RMF v2.0 that is taking place within federal government departments and agencies, the Department of Defense (DOD) and the Intelligence Community (IC). This course is designed to provide Cybersecurity and Information Security Professionals that are responsible for implementing the unified federal Risk Management Framework (RMF), the knowledge, understanding and practices needed to apply the relevant DoD, NIST and CNSS publications to their work environment. Students will gain an understanding of the Risk Management Framework; associated risk management and assessment processes; implementation practices, techniques and technologies; roles and responsibilities; and artifacts development leading to U.S. Government information system authorization. Students will also learn and discuss the RMF seven (7) step process integrated with the System Development Life Cycle to include roles and responsibilities; references; and guidelines. They will complete exercises relevant to executing the RMF - for example, how to prepare for the RMF, categorize an information system, select security controls, and complete various RMF artifacts for system authorization. Students will also learn and discuss the technologies, best practices, and procedures used in the implementing the RMF. Other topics include life cycle activities in the DoD Instruction 8510.01 (RMF for DoD IT), NIST Special Publication (SP) 800-53 Security Controls, NIST assessment procedures, and enhancements from CNSS Instruction 1253. Training will include lectures and class discussions, class hands-on activities as well as individual hands-on activities, case studies, and individual and team exercises.

SEC550 - Risk Management Framework (RMF): Security Control Assessor

30 Hours | 3 CEUs | $3,990

  • This course is focused on the proper assessment methods and procedures for controls defined in NIST SP 800-53 revision 4 and revision 5, as well as CNSSI 1253. This course is designed to provide Cybersecurity and Information Security Professionals that are responsible for the assessment of controls with the knowledge of control assessment methods, technologies, best practices, and techniques for proper assessment and documentation of assessment results in their environment. Students gain and understanding of the 2 new control families defined in NIST SP 800-53 R5 as well as the 18 families defined in SP 800-53 R4 and CNSSI 1253, and an in depth understanding of each control and how to assess each correctly.

SEC575 - Information Security Continuous Monitoring (ISCM) Training

18 Hours | 1.8 CEUs | $2,385

  • ISCM was developed by the US National Institute of Standards and Technology (NIST). NIST provides detailed guidance on implementing a risk management framework. It also provides a detailed and broad control set for federal agencies to adopt— though any organization can adopt the controls as standards. There are lessons to be learned and technology improvements that can be implemented in any industry, such as finance, utilities, health care, and more. A combination of the risk management framework, control set and the continuous monitoring implementation guidance can be used to set up acceptable continuous monitoring plan. In this course students explore new guidance, policy and procedures for implementing a well- developed and thorough strategy for building a continuous monitoring program IAW SP 800-137, 800-39, 800-55, 800-128, 800-37 (Rev. 2), and 800-53 (Rev. 5). Topics include roles and responsibilities, establishment and implementation of the ISCM strategy, analysis and reporting of findings, and program review in accordance with NIST Special Publication (SP) 800-137. Students will gain thorough knowledge of the theory and policy background underlying continuous monitoring as well as the practical knowledge needed for effective implementation.

Course Outline


Additional Information

  • Classes are delivered in Central Time Zone and class times are notated on each course link.
  • Corporate discounts are applied in the cart/checkout.


  • There are no prerequisites for this course.


72 Hours | 12 Days or 24 Nights
Enroll Now - Select a section to enroll in
Section Title
Government Cybersecurity RMF Specialist
Section Schedule
Date and Time TBA
Delivery Option
Course Fee(s)
Rate non-credit $9,970.00
Potential Discount(s)
Section Notes

To complete "Government Cybersecurity RMF Specialist Certificate", you must enroll in SEC525, SEC550, & SEC575 and take the courses in chronological order. Click on each course link for more details and to add to cart:

Applying the Risk Management Framework (RMF) and NIST Controls (SEC525): pick one

  • Starts Apr 23, 25, 30, May 2, 7, 9, 14, 16
  • Starts Jul 22, 24, 29, 31, Aug 5, 7, 12, 14
  • Starts Aug 20, 22, 27, 29, Sep 3, 5, 10, 12

Risk Management Framework (RMF): Security Control Assessor (SEC550)pick one

  • Starts May 21, 23, 28, 30, Jun 4, 6, 11, 13, 18, 20

Information Security Continuous Monitoring (ISCM) Training (SEC575)pick one

  • Starts Jul 9, 11, 16, 18, 23, 25
Required fields are indicated by .
*Academic Unit eligibility to be determined by college/university in which you are enrolled in a degree seeking program.