Risk Management Framework Implementation training | RMF Implementation v4.0 Training

Introduction

Risk Management Framework Implementation training | RMF Implementation Training Course Hands-on

RMF Implementation Training 4.0 focuses on the Risk Management Framework prescribed by NIST standards. The course can also be used as test preparation for the ISC2 Certified Authorization Professional (CAP) certification.

The 4.0 edition of the course is current as of August 2017. This edition incorporates the revisions to NIST Special Publications (SP 800-160, 800-171, 800-53, etc.), the development and publication of CNSSI-1253, change 2 and CNSSI-1254 for the IC, additional NIST Special Publications produced to support RMF steps and activities, and the passage of FISMA 2014, as well as practical experience as SCA and ISSE for over 10 ATO efforts under RMF over the past several years.

The course comes with a disk of reference materials including sample documents, NIST publications, and regulatory documents. Downloadable ancillary materials include a study guide and a References and Policies handout. Instructors will also have access to an exam with answer key.

Duration: 4 days

Customize It:

• If you are familiar with some aspects of this RMF Implementation Training course, we can omit or shorten their discussion.
• We can adjust the emphasis placed on the various topics or build the course around the mix of technologies of interest to you (including technologies other than those included in this outline).
• If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the course in a manner understandable to lay audiences.

Audience / Target Group:

The target audience for this RMF Implementation Training course:

• IT professionals in the area of cybersecurity
• DoD employees and contractors or service providers
• Government personnel working in the cybersecurity area
• Authorizing official representatives, chief information officers, senior information assurance officers, information system owners or certifying authorities
• Employees of federal agencies and the intelligence community
• Assessors, assessment team members, auditors, inspectors or program managers in the information technology area
• Any individual looking for information assurance implementation for a company based on recent policies
• Information system owners, information owners, business owners, and information system security managers

What You Will Learn:

Upon completing this RMF Implementation Training course, learners will be able to meet these objectives:

• Cybersecurity Policy Regulations and Framework
• RMF Roles and Responsibilities
• Risk Analysis Process
• Step 1: Categorize
• Step 2: Select
• Step 3: Implement
• Step 4: Assess
• Step 5: Authorize
• Step 6: Monitor

Risk Management Framework Implementation training – Course Syllabus

Introduction

Introductions
About the CAP exam
Table of Contents

Chapter 1: Introduction

RMF overview
Key concepts including assurance, assessment, authorization
Security controls

Chapter 2: Cybersecurity Policy Regulations and Framework

Security laws, policy, and regulations
Documents for cyber security guidance
Assessment and Authorization transformation goals

Chapter 3: RMF Roles and Responsibilities

Tasks and responsibilities for RMF roles

Chapter 4: Risk Analysis Process

Four-step risk management process
Impact level
Level of risk
Effective risk management options

Chapter 5: Step 1: Categorize

Step 1 key references
Sample SSP
Task 1-1: Security Categorization
Task 1-2: Information System Description
Task 1-3: Information System Registration
Lab Step 1: Categorize

Chapter 6: Step 2: Select

Step 2 key references
Task 2-1: Common Control Identification
Task 2-2: Select Security Controls
Task 2-3: Monitoring Strategy
Task 2-4: Security Plan Approval
Lab Step 2: Select Security Controls

Chapter 7: Step 3: Implement

Step 3 key references
Task 3-1: Security Control Implementation
Task 3-2: Security Control Documentation
Lab Step 3: Implement Security Controls

Chapter 8: Step 4: Assess

Step 4 key references
Task 4-1: Assessment Preparation
Task 4-2: Security Control Assessment
Task 4-3: Security Assessment Report
Task 4-4: Remediation Actions
Lab Step 4: Assessment Preparation

Chapter 9: Step 5: Authorize

Step 5 key references
Task 5-1: Plan of Action and Milestones
Task 5-2: Security Authorization Package
Task 5-3: Risk Determination
Task 5-4: Risk Acceptance
Lab Step 5: Authorizing Information Systems

Chapter 10: Step 6: Monitor

Step 6 key references
Task 6-1: Information System and Environment Changes
Task 6-2: Ongoing Security Control Assessments
Task 6-3: Ongoing Remediation Actions
Task 6-4: Key Updates
Task 6-5: Security Status Reporting
Task 6-6: Ongoing Risk Determination and Acceptance
Task 6-7: Information System Removal and Decommissioning
Continuous Monitoring
Security Automation Domains
Lab Step 6: Monitoring Security Controls
