Course Description
Information Security Risk Assessment 3-Day Course
The 3-day IS Risk Assessment course is designed to help students build a risk management platform that will address an organizations security concerns. In a growing number of companies, security has become the number one concern. In this 3-day workshop, students will focus on how developing and implementing a Risk Assessment process can increase the effectiveness of an organization’s IS program. This class is specifically designed around the NIST SP 800-30 Rev. 1, Guide for Conducting Risk Assessments.
What you learn:
- Define the risk management process
- Understand the steps of the risk assessment process
- Know the key terms and definitions
- Understand the risk management hierarchy and framework
- Know publications related to the RMF
- Understand the roles and responsibilities associated with the risk assessment process
- Understand how to prepare for the risk assessment
- Know the difference between qualitative and quantitative risk assessments
- Define the risk models
- Understand how to conduct a risk assessment
- Know how to identify and analyze vulnerabilities
- Be able to determine likelihood and impact
- Understand the security control selection process
- Understand how to select and tailor the security control baseline
- Know how to examine security controls, enhancements, and parameters
- Review implementation guidance
- Understand how to reduce risk through common controls
- Review risk assessment plans
- Understand assessment methodologies
- Know how to develop security assessment reports
- Be familiar with authorization recommendations
- Understand the process for updating authorization packages
- Define risk tolerance
- Understand Risk-Based and Authorization Decisions
- Be familiar with security authorization package artifacts and guidance
- Understand continuous monitoring strategies
- Review security impact assessments
- Know how to conduct annual security reviews
- Understand ongoing authorization
- Know how to update risk assessments
- Understand system removal and decommissioning procedures
- Review risk assessments
This class is designed for:
- IT Practitioners
- Cybersecurity Staff
Course includes the following takeaway items: a printed training book and a CD that includes reference materials pertaining to the course.
NICE Work Roles
Security Control Assessor
Conducts independent comprehensive assessments of the management, operational, and technical security controls and control enhancements employed within or inherited by an information technology (IT) system to determine the overall effectiveness of the controls (as defined in NIST SP 800-37).
Information Systems Security Manager
Responsible for the cybersecurity of a program, organization, system, or enclave.
Course Modules
- Module 1 - Introduction to Risk Assessment and Management
- Module 2 – System Categorization
- Module 3 – Selecting Appropriate Security Controls
- Module 4 – Implementation of Security Controls
- Module 5 – Assessment of Security Controls
- Module 6 - Authorizing System Operation
- Module 7 - Continuous Monitoring and Ongoing Authorizations
- Module 8 - Putting It All Together
Image Gallery
No image gallery for this course as of yet.
Course Video
No video for this course as of yet.
Share this course
Need more information on this course?
Course Overview
Related Courses
Course Testimonials
“It has been a great experience learning RMF by the way of the instructor, Ashely Roan who was very knowledgeable in the field. Thank you for making the course enjoyable, relatable and memorable!”
Ashanta Gamble
“Instruction was first rate. Lunarline worked with my organization in a flexible manner allowing me to obtain the training as required. I enjoyed the instructor- knowledgeable, personable, professional, entertaining and impressive.”
Kevin Shaffer
“Excellent learning experience. Many classes taken over my career, this class offered a “real” world approach to a new methodology. Easy to follow, repetitious in the right areas. Excellent coverage of material at appropriate pace. Real world example were good!”
Deedie Weaver
“The class was excellent! I will continue to take classes from Lunarline in the future. The course material being loaded on a tablet was also a great idea because this will be a great resource to have in my future meetings.”
Nakia Jackson