System Assessment and Authorization Process

Heinz College

Disclaimer

Coursalytics is an independent platform to find, compare, and book executive courses. Coursalytics is not endorsed by, sponsored by, or otherwise affiliated with any business school or university.

Full disclaimer.

Who should attend

Leaders, managers, and technical staff members with oversight and/or management responsibility for information system:

  • development, integration, or acquisition,
  • security or privacy control implementation,
  • security or privacy assessment,
  • authorization,
  • monitoring,
  • operations.

Those who want implementation knowledge as well as high-level knowledge of the RMF and NIST Security Controls will also find value in attending.

About the course

This two-day course introduces the NIST Risk Management Framework (RMF) process for system assessment and authorization. The RMF is the cybersecurity framework mandated for Federal Government departments and agencies, including the U.S. Department of Defense (DoD). Like other NIST guidance, the RMF is also used by organizations outside of the federal government to ensure a comprehensive and effective system assessment and authorization process.

This course places the RMF process within a broader Cyber Risk Management and Resilience context and provides guidance on implementing a disciplined and effective RMF process. The course includes lectures and class exercises with opportunity for discussions and participant questions. After attending the course, participants will understand the fundamental concepts underpinning the Risk Management Framework, have a working knowledge of RMF process steps, and be able to improve the implementation of RMF in their organizations.

Objectives

This class will teach students about the Risk Management Framework and explore the six steps identified in NIST Special Publication 800-37 Rev 1, the updates in Revision 2, and approaches to implementing the NIST RMF. The RMF aims to improve information security, strengthen risk management processes, and encourage reciprocity among federal agencies.

Successful completion of this course will enable participants to:

  • Describe how System Authorization fits into an organization's security strategy
  • Identify governance components that impact the System Authorization process
  • Explain how Privacy and Security drive control requirements
  • Explain the steps to authorize a system
  • Identify various roles and responsibilities associated with System Authorization
  • Begin planning for implementation of RMF in their organization

Topics

  • Risk Management and Resilience
  • Cybersecurity Frameworks and Standards
  • Privacy and Security
  • NIST Risk Management Framework (RMF)
    • Prepare
    • Categorization of the information system
    • Select Security Controls
    • Implement Controls
    • Assess Controls
    • Authorize the System
    • Monitor
  • RMF Roles and Responsibilities

Materials

Participants will receive a course notebook and a downloadable copy of course materials, including course slides, supplementary handouts, and exercises.

System Assessment and Authorization Process at Heinz College

This course has no confirmed dates in the future. Subscribe to be notified when it is offered.

