Course Description
Risk Management Framework for DoD and Intelligence Communities Information Technology (IT) In-Depth 3-Day Course
This course reviews, at an in-depth level, NIST SP 800-37, NIST SP 800-53, Rev 4, DoDI 8510.01, DoDI 8500.1, CNSS 1253, and other crucial directives that govern this process. This course equips the student with an overview of the system Authorization and Assessment (A&A) process and the Risk Management Framework (RMF) for DoD IT and National Security Systems (NSS). In addition to the classroom instruction, the student will also participate in several scenario-based hands-on exercises in the implementation of the RMF using the CNSS, DoD, and Special Access Program (SAP) requirements to provide a clear knowledge bridge to the revised system authorization processes – for those currently working with A&A or for those who have limited A&A experience. These exercises will include the development of Systems Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms) for NSS and DoD Systems.
Students will engage in a series of hands-on activities that will provide active learning of the new processes, preparation of the documentation, and execution of the required security control assessments.
What you learn:
- Introduction to the Risk Management Framework and supporting laws, standards, and regulations
- The New Lexicon
- New Requirements under FISMA 2014
- RMF Roles and Responsibilities
- Steps in the RMF Process
- Preparing and submitting the authorization package
- Understanding and executing continuous monitoring
Students will engage in a series of hands-on activities that will provide active learning of the new processes, preparation of the documentation, and execution of the required security control assessments.
Course includes the following takeaway items: a printed training book and a CD that includes reference materials pertaining to the course.
NICE Work Roles
Information Systems Security Developer
Designs, develops, tests, and evaluates information system security throughout the systems development life cycle.
Information Systems Security Manager
Responsible for the cybersecurity of a program, organization, system, or enclave.
Share this course
Need more information on this course?
Course Overview
Related Courses
Course Testimonials
“It has been a great experience learning RMF by the way of the instructor, Ashely Roan who was very knowledgeable in the field. Thank you for making the course enjoyable, relatable and memorable!”
Ashanta Gamble
“Instruction was first rate. Lunarline worked with my organization in a flexible manner allowing me to obtain the training as required. I enjoyed the instructor- knowledgeable, personable, professional, entertaining and impressive.”
Kevin Shaffer
“Excellent learning experience. Many classes taken over my career, this class offered a “real” world approach to a new methodology. Easy to follow, repetitious in the right areas. Excellent coverage of material at appropriate pace. Real world example were good!”
Deedie Weaver
“The class was excellent! I will continue to take classes from Lunarline in the future. The course material being loaded on a tablet was also a great idea because this will be a great resource to have in my future meetings.”
Nakia Jackson