Skip to main content

The 4-day RMF (Risk Management Framework) for DoD (Department of Defense) IT class covers essential concepts and practices for managing risks associated with IT systems within the DoD framework. Topics include understanding the RMF process, identifying security controls, assessing system vulnerabilities, and developing strategies for risk mitigation.

Live online events

  • 24 June
    4 days, 10:00 AM EDT - 05:00 PM EDT
    Online
    • PD hours: 32
    • $2,295.00 excl.
  • 24 June
    4 days, 10:00 AM PDT - 05:00 PM PDT
    • PD hours: 32
    • $2,295.00 excl.
  • 08 July
    4 days, 08:30 AM CDT - 05:00 PM CDT
    • PD hours: 32
    • $2,295.00 excl.
  • 15 July
    4 days, 10:00 AM EDT - 05:00 PM EDT
    Online
    • PD hours: 32
    • $2,295.00 excl.
  • 29 July
    5 days, 10:00 AM EDT - 05:00 PM EDT
    Online
    • PD hours: 32
    • $2,295.00 excl.
  • 05 August
    4 days, 10:00 AM EDT - 05:00 PM EDT
    Online
    • PD hours: 32
    • $2,295.00 excl.
  • 12 August
    4 days, 08:30 AM EDT - 05:00 PM EDT
    • PD hours: 32
    • $2,295.00 excl.
  • 19 August
    4 days, 10:00 AM EDT - 05:00 PM EDT
    Online
    • PD hours: 32
    • $2,295.00 excl.
  • 26 August
    4 days, 08:30 AM MDT - 05:00 PM MDT
    • PD hours: 32
    • $2,295.00 excl.
  • 09 September
    4 days, 10:00 AM EDT - 05:00 PM EDT
    Online
    • PD hours: 32
    • $2,295.00 excl.
  • 23 September
    4 days, 08:30 AM PDT - 05:00 PM PDT
    • PD hours: 32
    • $2,295.00 excl.
  • 23 September
    4 days, 10:00 AM EDT - 05:00 PM EDT
    Online
    • PD hours: 32
    • $2,295.00 excl.

Description

RMF for DoD IT Fundamentals (Day 1) provides an overview of information security and risk management and proceeds to a high-level view of RMF for DoD IT. Discussion is centered on RMF for DoD IT policies, roles and responsibilities, along with key publications from DoD, the National Institute of Standards and Technology (NIST) and the Committee on National Security Systems (CNSS). The class includes high-level discussion of the RMF for DoD IT “life cycle”, including security authorization (aka. certification and accreditation), along with the RMF documentation package and security controls.

RMF for DoD IT In-Depth (Days 2-4) expands on the fundamentals topics at a level of detail that enables practitioners to immediately apply the training to their daily work. Each student will gain an in depth knowledge of the relevant DoD, NIST and CNSS publications along with the practical guidance needed to implement them in the work environment. Each phase of the seven step RMF life cycle is covered in detail, as is each component of the corresponding documentation package. NIST Special Publication (SP) 800-53 Security Controls, along with corresponding assessment procedures, are covered in detail, as are CNSS Instruction 1253 “enhancements”. Individual and group activities are used to reinforce key concepts.

Successfully completing the 4-day RMF training course will help you gain the essential knowledge needed to qualify for the CGRC (Certified GRC Professional) Exam offered by ISC2. 

Private Group Classes

If you have a group of students (normally 8 or more), any of our training programs can be delivered at your site (in a suitable classroom facility), or in our Online Personal Classroom. Group classes offer significant savings over individual class registrations; the larger the class, the greater the savings.

Please click here to request a quote.

Who Should Attend

The RMF for DoD IT training program is suitable for DoD employees and contractors, as well as their supporting vendors and service providers. The full four-day program is recommended for most students. Managers and others who need only high-level knowledge of RMF have the option of attending just the RMF for DoD IT Fundamentals (one day).

Course Prerequisites

While no prerequisites are required for enrollment in this course, possessing a foundational comprehension of information security principles and a grasp of compliance and regulatory standards is advantageous. Familiarity with concepts like confidentiality, integrity, availability, risk assessment, and vulnerability management is beneficial. Prior experience in IT or cybersecurity is recommended to enhance your learning experience.

Payment Options

  • Credit card
  • Bank Transfer/ACH
  • Check (Mail)
  • SF182 – government entities may submit an SF182 for invoicing after completion of training
  • PO – purchase orders are accepted from government and major corporate entities