RMF - Risk Management Framework Implementation 2022
RMF - Risk Management Framework Implementation 2022 Course Details:
RMF - Federal Risk Management Framework Implementation 2022 focuses on the Risk Management Framework prescribed by NIST Standards. The course can also be used as test preparation for the ISC2 Certified Authorization Professional (CAP) certification.
Federal Risk Management Framework (RMF) Implementation 2022 focuses on the Risk Management Framework prescribed by NIST Standards. The course can also be used as test preparation for the ISC2 Certified Authorization Professional (CAP) certification.
The 2022 edition is current as of February 2022. It was revised due to NIST producing new and updated publications over the preceding two years, including NIST Special Publication (SP) 800-37, R2; SP-800-53, R5; SP 800-160, versions 1 and 2; and SP 800-171, R1 (among others).
The course comes with a disk of reference materials including sample documents, NIST publications, and regulatory documents. Downloadable ancillary materials including a study guide and a References and Policies handout.
This Course Supports a DoD Approved 8570 Baseline Certification and meets: DoD Directive 8140 / 8570.01-M IT Training Requirements.
Call (919) 283-1653 to get a class scheduled online or in your area!
Introduction
- Introductions
- About the CAP exam
- Table of Contents
Chapter 1: Introduction
- RMF overview
- Key concepts including assurance, assessment, authorization
- Security controls
Chapter 2: Cybersecurity Policy Regulations and Framework
- Security laws, policy, and regulations
- Documents for cyber security guidance
- Assessment and Authorization transformation goals
Chapter 3: RMF Roles and Responsibilities
- Tasks and responsibilities for RMF roles
Chapter 4: Risk Analysis Process
- Four-step risk management process
- Impact level
- Level of risk
- Effective risk management options
Chapter 5: Step 1: Categorize
- Step 1 key references
- Sample SSP
- Task 1-1: Security Categorization
- Task 1-2: Information System Description
- Task 1-3: Information System Registration
- Lab Step 1: Categorize
Chapter 6: Step 2: Select
- Step 2 key references
- Task 2-1: Common Control Identification
- Task 2-2: Select Security Controls
- Task 2-3: Monitoring Strategy
- Task 2-4: Security Plan Approval
- Lab Step 2: Select Security Controls
Chapter 7: Step 3: Implement
- Step 3 key references
- Task 3-1: Security Control Implementation
- Task 3.2: Security Control Documentation
- Lab Step 3: Implement Security Controls
Chapter 8: Step 4: Assess
- Step 4 key references
- Task 4-1: Assessment Preparation
- Task 4-2: Security Control Assessment
- Task 4-3: Security Assessment Report
- Task 4-4: Remediation Actions
- Lab Step 4: Assessment Preparation
Chapter 9: Step 5: Authorize
- Step 5 key references
- Task 5-1: Plan of Action and Milestones
- Task 5-2: Security Authorization Package
- Task 5-3: Risk Determination
- Task 5-4: Risk Acceptance
- Lab Step 5: Authorizing Information Systems
Chapter 10: Step 6: Monitor
- Step 6 key references
- Task 6-1: Information System and Environment Changes
- Task 6-2: Ongoing Security Control Assessments
- Task 6-3: Ongoing Remediation Actions
- Task 6-4: Key Updates
- Task 6-5: Security Status Reporting
- Task 6-6: Ongoing Risk Determination and Acceptance
- Task 6-7: Information System Removal and Decommissioning
- Continuous Monitoring
- Security Automation Domains
- Lab Step 6: Monitoring Security Controls
*Please Note: Course Outline is subject to change without notice. Exact course outline will be provided at time of registration.
- Cybersecurity Policy Regulations and Framework
- RMF Roles and Responsibilities
- Risk Analysis Process
- Step 1: Categorize
- Step 2: Select
- Step 3: Implement
- Step 4: Assess
- Step 5: Authorize
- Step 6: Monitor
Those interested in Federal Risk Management (RMF) Implementation. Those interested in obtaining the ISC2 Certified Authorization Professional (CAP) certification.