Risk Management Framework (RMF) Implementation Training
Risk Management Framework (RMF) Implementation Training Course with detailed hands-on exercises (Online, Onsite and Classroom Live)
Risk Management Framework (RMF) Implementation Training focuses on the Risk Management Framework prescribed by NIST Standards. The RMF Implementation Training course can also be used as test preparation for the ISC2 Certified Authorization Professional (CAP) certification.
The 4.0 edition of the course is current as of August 2017. This edition incorporates the revisions to NIST Special Publications (SP 800-160, 800-171, 800-53, etc.), the development and publication of the CNSSI-1253, change 2 and CNSSI-1254 for the IC, additional NIST Special Publications produced to support RMF steps and activities, and the passage of FISMA 2014, as well as practical experience as SCA and ISSE for over 10 ATO efforts under RMF over the past several years.
This course supports a certification that is a DoD Approved 8570 Baseline Certification and meets DoD 8140/8570 training requirements.
Duration: 4 days
RESOURCES
- Risk Management Framework (RMF) Implementation Training – https://www.wiley.com/
- Risk Management Framework (RMF) Implementation Training – https://www.packtpub.com/
- Risk Management Framework (RMF) Implementation – https://store.logicaloperations.com/
- Risk Management Framework (RMF) Implementation Training – https://us.artechhouse.com/
- Risk Management Framework (RMF) Implementation Training – https://www.amazon.com/
RELATED COURSES
- Risk Management Framework (RMF) Procedures Overview Training (DoDI 8510.01)
- Introduction to Risk Management Framework (RMF) Training
- Risk Management Framework (RMF) for Federal Systems Training
- Risk Management Framework (RMF) for DoD Security Controls Assessors (SCA) Training
- Risk Management Framework (RMF) for Federal Security Controls Assessors Training
- Risk Management Framework (RMF) for DoD & Intelligence Communities Information Technology Training
CUSTOMIZE IT
- We can adapt this Risk Management Framework (RMF) Implementation course to your group’s background and work requirements at little to no added cost.
- If you are familiar with some aspects of this Risk Management Framework (RMF) Implementation course, we can omit or shorten their discussion.
- We can adjust the emphasis placed on the various topics or build the Risk Management Framework (RMF) Implementation Course around the mix of technologies of interest to you (including technologies other than those included in this outline).
- If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the Risk Management Framework (RMF) Implementation course in a manner understandable to lay audiences.
AUDIENCE/TARGET GROUP
The target audience for this Risk Management Framework (RMF) Implementation course:
- IT professionals in the area of cybersecurity
- DoD employees and contractors or service providers
- Government personnel working in the cybersecurity area
- Authorizing official representatives, chief information officers, senior information assurance officers, information system owners or certifying authorities
- Employees of federal agencies and the intelligence community
- Assessors, assessment team members, auditors, inspectors or program managers in the information technology area
- Any individual looking for information assurance implementation for a company based on recent policies
- Information system owners, information owners, business owners, and information system security managers
- Those interested in Federal Risk Management (RMF) Implementation
- Those interested in obtaining the ISC2 Certified Authorization Professional (CAP) certification
CLASS PREREQUISITES
The knowledge and skills that a learner must have before attending this Risk Management Framework (RMF) Implementation course are:
- N/A
Risk Management Framework (RMF) Implementation Training - OBJECTIVES
Upon completing this Risk Management Framework (RMF) Implementation course, learners will be able to meet these objectives:
- Cybersecurity Policy Regulations and Framework
- RMF Roles and Responsibilities
- Risk Analysis Process
- Step 1: Categorize
- Step 2: Select
- Step 3: Implement
- Step 4: Assess
- Step 5: Authorize
- Step 6: Monitor
Risk Management Framework (RMF) Implementation Training - COURSE SYLLABUS
Introduction
- Introductions
- About the CAP exam
- Table of Contents
Chapter 1: Introduction
- RMF overview
- Key concepts including assurance, assessment, authorization
- Security controls
Chapter 2: Cybersecurity Policy Regulations and Framework
- Security laws, policy, and regulations
- Documents for cyber security guidance
- Assessment and Authorization transformation goals
Chapter 3: RMF Roles and Responsibilities
- Tasks and responsibilities for RMF roles
Chapter 4: Risk Analysis Process
- Four-step risk management process
- Impact level
- Level of risk
- Effective risk management options
Chapter 5: Step 1: Categorize
- Step 1 key references
- Sample SSP
- Task 1-1: Security Categorization
- Task 1-2: Information System Description
- Task 1-3: Information System Registration
- Lab Step 1: Categorize
Chapter 6: Step 2: Select
- Step 2 key references
- Task 2-1: Common Control Identification
- Task 2-2: Select Security Controls
- Task 2-3: Monitoring Strategy
- Task 2-4: Security Plan Approval
- Lab Step 2: Select Security Controls
Chapter 7: Step 3: Implement
- Step 3 key references
- Task 3-1: Security Control Implementation
- Task 3-2: Security Control Documentation
- Lab Step 3: Implement Security Controls
Chapter 8: Step 4: Assess
- Step 4 key references
- Task 4-1: Assessment Preparation
- Task 4-2: Security Control Assessment
- Task 4-3: Security Assessment Report
- Task 4-4: Remediation Actions
- Lab Step 4: Assessment Preparation
Chapter 9: Step 5: Authorize
- Step 5 key references
- Task 5-1: Plan of Action and Milestones
- Task 5-2: Security Authorization Package
- Task 5-3: Risk Determination
- Task 5-4: Risk Acceptance
- Lab Step 5: Authorizing Information Systems
Chapter 10: Step 6: Monitor
- Step 6 key references
- Task 6-1: Information System and Environment Changes
- Task 6-2: Ongoing Security Control Assessments
- Task 6-3: Ongoing Remediation Actions
- Task 6-4: Key Updates
- Task 6-5: Security Status Reporting
- Task 6-6: Ongoing Risk Determination and Acceptance
- Task 6-7: Information System Removal and Decommissioning
- Continuous Monitoring
- Security Automation Domains
- Lab Step 6: Monitoring Security Controls
Risk Management Framework (RMF) Implementation Training Course Wrap-Up