
The 4-day RMF (Risk Management Framework) for Federal class covers essential concepts and practices for managing risks associated with IT systems. Topics include understanding the RMF process, identifying security controls, assessing system vulnerabilities, and developing strategies for risk mitigation.

Live online events

  • 23 June
    4 days, 10:00 AM EDT - 05:00 PM EDT
    Online
    • $2,500.00 excl. Tax

Description

RMF for Federal Agencies Fundamentals (Day 1) provides an overview of information security and risk management and proceeds to a high-level view of RMF for Federal Agencies. Discussion is centered on RMF for Federal Agencies' policies, roles and responsibilities, along with key publications from the Federal Information Security Management Act (FISMA), Federal Information Processing Standards (FIPS), the National Institute of Standards and Technology (NIST) and the Committee on National Security Systems (CNSS). The class includes high-level discussion of the RMF for Federal Agencies “life cycle”, including security authorization (a.k.a. certification and accreditation), along with the RMF documentation package and security controls.

RMF for Federal Agencies In Depth (Days 2-4) expands on the fundamentals topics at a level of detail that enables practitioners to immediately apply the training to their daily work. Each student will gain an in-depth knowledge of the relevant FIPS, FISMA, NIST and CNSS publications along with the practical guidance needed to implement them in the work environment. Each phase of the seven-step RMF life cycle is covered in detail, as is each component of the corresponding documentation package. NIST Special Publication (SP) 800-53 Security Controls, along with corresponding assessment procedures, are covered in detail, as are CNSS Instruction 1253 “enhancements”. Individual and group activities are used to reinforce key concepts.

Successfully completing the 4-day RMF training course will help you gain the essential knowledge needed to qualify for the CGRC (Certified GRC Professional) Exam offered by ISC2. 
