Who should attend
DoD employees, contractors, program managers, risk professionals, IT managers, and private industry practitioners who wish to understand the Risk Management Framework.
About the course
The National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) provides a mechanism to inform risk decisions and improve cybersecurity. As federal government and private industry transition to RMF, a broad understanding of the entire process eases adoption challenges. Informative lectures provide in-depth knowledge concerning threat processes, risk-management concepts, and the roles defined by relevant Department of Defense (DoD), NIST, and Committee on National Security Systems publications. The six-step life cycle process is explored through presentations and hands-on exercises as attendees learn to categorize information systems, select security controls, implement controls, assess controls, authorize information systems, and monitor the security controls.
What You Will Learn
- Risk management framework overview
- Roles and responsibilities
- Tasks of the RMF six-step process
- Security controls
How You Will Benefit
- Understand the six-step risk management framework (RMF).
- Apply DoD and federal guidance to RMF processes.
- Practice performing the RMF steps through hands-on exercises and discussions.
- Explore common vulnerabilities.
- Unpack the NIST 800-53 control families.
- Key definitions
- Policy documents
- Overview of RMF process
ROLES AND RESPONSIBILITIES
- Identify RMF roles
- Understand responsibilities for each role
RMF SIX STEP PROCESS
- NIST 800-53 control families
- Understanding how controls reduce risk
- Documents used to track controls
Barbara Fox (CISSP) is a Research Scientist in the Georgia Tech Research Institute (GTRI) Cyber Technology and Information Security Laboratory (CTISL). Her research focuses on risk management, emerging threats, malware analysis, and insider threat. Ms. Fox combines a rich background in instructio...
We are happy to help you find a suitable online alternative.