By P. Devon Schall, MS, MAEd, CISSP, RDRP
We are excited to announce the addition of RMF supplemental training courses to our training catalog. After extensive discussion regarding our 2018 curriculum, we felt we would benefit students the most by offering “bitesized” courses to supplement our core four-day RMF for DoD IT and RMF for Federal Agencies classes. We recognize most of our students are working with already diminished resources and don’t have the bandwidth to be out of the office to travel and attend multiple training days. Our goal is to continue to deliver relevant and effective RMF training solutions that will save time and money in the implementation of the RMF life cycle. See below for a brief synopsis of our newest one-day course offerings:
Continuous Monitoring Training Program:
The program seeks to equip learners with knowledge of the theory and policy background underlying continuous monitoring as well as the practical knowledge needed for effective implementation. The program focuses on Information Security Continuous Monitoring (ISCM) in accordance with NIST Special Publication (SP) 800-137, guidance from DoD and other federal agencies, and industry best practices. Completion of the full four-day RMF for DoD IT or RMF for Federal Agencies training program is a prerequisite.
eMASS eSSENTIALS™ Training Program:
The Enterprise Mission Assurance Support Service, or eMASS, is a web-based Government off-the-shelf (GOTS) solution that automates a broad range of services for comprehensive, fully-integrated cybersecurity management, including controls scorecard measurement, dashboard reporting, and the generation of Risk Management Framework (RMF) package reports. The majority of DoD components have “standardized” on eMASS as the data repository for RMF Assessment and Authorization. We provide “how to” guidance for the most commonly-used eMASS functions.
RMF in the Cloud Training Program:
RMF in the Cloud Training is designed to answer foundational questions about RMF and cloud migration as well as offering BAI’s real world experience in cloud migration as a provider of RMF consulting services. RMF in the Cloud is a vendor neutral course utilizing our first-hand consulting experience. Some RMF in the Cloud topics include Cloud Preparation, Fed Ramp, Cloud Inheritance, Common Pitfalls, Cloud Tools, and eMASS and the Cloud.
Certified Authorization Professional (CAP) Exam Preparation:
Backed by (ISC)², CAP credentialing aligns with the Risk Management Framework (RMF). The CAP recognizes knowledge, skills and abilities to authorize and maintain information systems within RMF. It demonstrates the ability to formalize processes to assess risk and establish security documentation. BAI’s CAP Prep class focuses on exam preparation as well as analyzing the five domains in the (ISC)² CAP Common Body of Knowledge (CBK). We feel our core RMF for DoD IT and RMF for Federal Agencies courses provide the requisite foundational knowledge for the CAP exam, and this training focuses on helping our students take the next step and attain the CAP credential.