This Course is available in the following format:
Risk Management Framework for Federal Systems Training In-depth Hands-on
Risk Management Framework for Federal Systems Training – Federal Information Security Modernization Act (FISMA 2014)/NIST training provides students with a fundamental knowledge of the requirements for meeting FISMA requirements, as well as an in-depth look of the Federal system authorization process and Risk Management Framework (RMF). This hands-on Risk Management Framework for Federal Systems Training equips the students with an in-depth indoctrination into the RMF and they will learn the requirements for managing risk, and ensuring that the confidentiality, availability and integrity of federal information and information systems is protected at a level commensurate with the security requirements of the information and the information system.
Students will participate in a series of scenario-based hands-on exercises to enhance understanding of the processes used for system authorization, including all of the elements of the Risk Management Framework. These exercises will include the development of Systems Security Plans (SSPs), Security Assessment Reports (SARs), and Plans Of Action and Milestones (POA&Ms) for Federal Information Systems. The fourth day of the FISMA/ NIST RMF Intensity course provides each student with a hands on experience in using automated vulnerability assessment and other tools used to support the Federal authorization process.
The knowledge and skills that a learner must have before attending this Risk Management Framework for Federal Systems Training course are:
• Risk Management Framework for Federal Systems Overview
What You Will Learn:
Upon completing this Risk Management Framework for Federal Systems Training course, learners will be able to meet these objectives:
• The fourth day of this Intensity course provides each student with a hands-on experience in using automated vulnerability assessment and other tools used to support the DoD and IC system authorization process. This is taught through lecture, hands-on exercises, and group discussion.
Risk Management Framework for Federal Systems Training – Course Syllabus
Module 1: Critical Definitions and Policies
Module 2: C&A Transformation/Transition Overview
Module 3: The IC and the Transformation
Module 4: Roles & Responsibilities
Module 5: Accreditation Boundary
Module 6: System Categorization
Module 7: Select Security Controls
Module 8: Implement, Document & Assess Security Controls
Module 9: Authorize Information System
Module 10: Monitor Information System
Module 11: Reciprocity
Module 12: Supporting Tools
Module 13: Certification Testing