All BAI classes now available live instructor-led online.
Coming soon! RMF for DoD IT + eMASS eSSENTIALS live instructor-led
Next class May June 12 - 16 in the Online Personal Classroom™.
We are uniquely positioned to deliver our training to private groups via Online Personal Classroom™ technology at very economical pricing. No travel expenses! We bring RMF to you!
"By far one of the best courses I have taken in a long time. I just finished up a 10 week graduate course on RMF and I learned more in this 4 day class from Linda than I did the entire 10 weeks, best money I have every spent!!"
"I’ve just completed the RMF for DoD IT course and I can honestly say, it has been a great 4 days, extremely eye opening and helpful. Anyone who is looking to up their RMF skills. strongly suggest you do this course."
BAI RMF Resource Center is the leading information security consulting and training company specializing in Risk Management Framework (RMF).
Our training enables our customers to understand and work through the many intricacies of the RMF process with an overall goal of achieving an Authorization to Operate (ATO) which is mandatory for systems to come online in a government environment.
With over 40 years experience, our team of consultants and trainers are experienced in the nuances of government information security and compliance.
RMF for DoD IT (4 days)
RMF for DoD IT training program is suitable for DoD employees and contractors. This four-day program includes comprehensive coverage on policy background, roles and responsibilities, lifecycle process, security controls/assessment and documentation. RMF for DoD IT is offered in a one day fundamentals class or the four day full program.
RMF for Federal Agencies (4 days)
RMF for Federal Agencies includes a high-level understanding of the RMF for Federal IT life cycle including security authorization (certification and accreditation) along with the RMF documentation package and NIST security controls. RMF for Federal Agencies is offered in a one day fundamentals class and the four day full program.
eMASS eSSENTIALS ™ (1 day)
eMASS eSSENTIALS ™ provides “how to” guidance for The Enterprise Mission Assurance Support Service, or eMASS, a web-based Government off-the-shelf (GOTS) solution that automates a broad range of services supporting RMF in the DoD environment. Training includes the hands-on eMASS eXPERIENCE Simulator™. The eMASS eXPERIENCE Simulator™ was created to provide an authentic eMASS user experience without the consequences of entering incorrect data in a live eMASS system.
*The eMASS eXPERIENCE Simulator™ does not require a DoD Common Access Card (CAC).
STIG 101 (1 day)
STIG 101 is designed to answer foundational questions about DISA STIG tools as well as offering BAI’s real-world experience as a provider of RMF consulting services. The training program covers Security Technical Implementation Guide (STIG) Overview, Best Practices, STIG Content, SCAP Compliance Checker(SCC), STIG Viewer, How To STIG, SCAP/STIG Resources. Training includes a hands-on lab in a virtual environment.
RMF Supplement for DCSA Cleared Contractors (1 day)
This one-day course covers the specifics of RMF as it applies to cleared contractor companies under the purview of the Defense Counterintelligence and Security Agency (DCSA). Companies holding a Facility Clearance who also maintain “on premise” information technology (such as standalone computers and small networks) will benefit from this training.
RMF in the Cloud (1 day)
RMF in the Cloud is recommended for government employees and contractors working (or planning to work) in the cloud environment. This training program provides students the foundational knowledge to support RMF for government systems being developed for, or migrating to, the cloud environment.
Security Control Implementation and Assessment Workshop (4 days)
The Security Control Implementation and Assessment Workshop is a 4 day bundle made up of two separate classes focusing on steps 3 and 4 of the Risk Management Framework (RMF).
Continuous Monitoring (ISCM) Fundamentals (1 day)
The program seeks to equip learners with knowledge of the theory and policy background underlying continuous monitoring as well as the practical knowledge needed for effective implementation. The program focuses on Information Security Continuous Monitoring (ISCM), which is one of the cornerstones of RMF.
DFARS Compliance with CMMC/NIST SP 800-171 Readiness Workshop (3 days)
All DoD contractors and subcontractors with systems that process, transmit or store Controlled Unclassified Information (CUI) must be compliant with the Defense Federal Acquisition Regulation Supplement (DFARS) cybersecurity requirements. These are specified in the DFARS Interim Rule based on NIST SP 800-171, and separately in the Cybersecurity Maturity Model Certification (CMMC) Level 3. Both apply controls from NIST SP 800-53, the catalog that forms the basis of the highly rigorous Risk Management Framework (RMF) for DoD Federal internal systems.
You can be confident this class will provide the knowledge and skills you need to meet DFARS.
RMF and Supply Chain Security (1 day)
The RMF and Supply Chain Security training program is tailored for government acquisition personnel, contractors, and vendors in the defense industrial base involved in procurement, IT security, compliance, and risk management. This class is for anyone responsible for the protection of sensitive information and intellectual property, including within their organization’s supply chain.
Our training team has an average of 20 years experience in information security and an extensive background working with government systems and agencies.
Our long-standing customers, some of whom have been with us since inception, bear testimony to the quality of our training. Our programs have helped clients achieve significant and sustainable improvement in their information security posture, improved stakeholder satisfaction, and continued RMF compliance.
Industry thought leadership
We invest heavily in developing knowledge and tools to ensure our programs deliver real-life success. Our team is continuously updating training materials to reflect current RMF guidance as well as publishing regularly in an effort to forecast the future of RMF.
BAI has over 40 years of experience working with technology systems and information security.
The details of RMF can be overwhelming, so we provide ongoing support to students as they work through RMF implementation in their environment.