Federal Risk Management Framework (RMF) 2.0 Implementation DoD/IC
9/8/2020 - 9/10/2020
11/23/2020 - 11/25/2020
COURSE LENGTH:
9:00am - 4:30pm
This 3-day course focuses on RMF as implemented within the Department of Defense (DoD) and Intelligence Communities (IC), following the Risk Management Framework prescribed by NIST standards.
AUDIENCE AND PREREQUISITES
This course can also be used to aid in preparation for the ISC2 Certified Authorization Professional (CAP) exam, although it does not cover 100% of the CAP exam requirements. If your goal is primarily to prepare for the CAP Exam, you should use our course, Federal Risk Management Framework (RMF) 2.0 Implementation with CAP Exam Review.
This course is current as of March 2019. It was revised due to NIST producing new and updated publications over the preceding two years, including SP 800-37, rev. 2; SP 800-53, rev. 5; SP 800-160, V1 and V2; and SP 800-171, rev. 1 (among others). It was also revised due to additional DoD updates to DODI 8510.01. Downloadable ancillary materials include a study guide and a references and policies handout.
Course cost doesn't include the courseware cost of $120. This course is subject to a minimum enrollment to run. If the minimum enrollment is not met, this course may run as a virtual live instructor-led course. For more information, please email: firstname.lastname@example.org or call 207-775-0244.
Chapter 1: Introduction
  RMF overview
  DoD- and IC-Specific Guidelines
  Key concepts including assurance, assessment, authorization
  Security controls

Chapter 2: Cybersecurity Policy Regulations & Framework
  Security laws, policy, and regulations
  DIACAP to RMF
  System Development Life Cycle (SDLC)
  Documents for cyber security guidance

Chapter 3: RMF Roles and Responsibilities
  Tasks and responsibilities for RMF roles

Chapter 4: Risk Analysis Process
  Overview of risk management
  Four-step risk management process
  Tasks breakdown
  Risk assessment reporting and options

Chapter 5: Step 1: Categorize
  Step key references and overview
  Sample SSP
  Task 1-1: Security Categorization
  Task 1-2: Information System Description
  Task 1-3: Information System Registration
  Lab: The Security Awareness Agency

Chapter 6: Step 2: Select
  Step key references and overview
  Task 2-1: Common Control Identification
  Task 2-2: Select Security Controls
  Task 2-3: Monitoring Strategy
  Task 2-4: Security Plan Approval
  Lab: Select Security Controls

Chapter 7: Step 3: Implement
  Step key references and overview
  Task 3-1: Security Control Implementation
  Task 3-2: Security Control Documentation
  Lab: Security Control Implementation

Chapter 8: Step 4: Assess
  Step key references and overview
  Task 4-1: Assessment Preparation
  Task 4-2: Security Control Assessment
  Task 4-3: Security Assessment Report
  Task 4-4: Remediation Actions
  Task 4-5: Final Assessment Report
  Lab: Assessment Preparation

Chapter 9: Step 5: Authorize
  Step key references and overview
  Task 5-1: Plan of Action and Milestones
  Task 5-2: Security Authorization Package
  Task 5-3: Risk Determination
  Task 5-4: Risk Acceptance
  DoD Considerations
  Lab Step 5: Authorize Information Systems

Chapter 10: Step 6: Monitor
  Step key references and overview
  Task 6-1: Information System & Environment Changes
  Task 6-2: Ongoing Security Control Assessments
  Task 6-3: Ongoing Remediation Actions
  Task 6-4: Key Updates
  Task 6-5: Security Status Reporting
  Task 6-6: Ongoing Risk Determination & Acceptance
  Task 6-7: Information System Removal & Decommissioning
  Continuous Monitoring
  Security Automation Domains
  Lab: Info System & Environment Changes

Chapter 11: DoD/IC RMF Implementation
  eMASS
  RMF Knowledge Service
  DoD/IC Specific Documentation
  RMF within DoD and IC process review