DCSA Training Press Release

20 August 2020

Fairlawn, VA – BAI Information Security is pleased to announce a new training program focusing on Risk Management Framework (RMF) as it applies to cleared contractor companies under the purview of the Defense Counterintelligence and Security Agency (DCSA). “RMF Supplement for DCSA Cleared Contractors is a one-day class designed as a follow-on to our four-day RMF for DoD IT training program,” said P. Devon Schall, BAI’s Executive Director of Training Services. “The class covers the unique aspects of RMF as it applies to cleared contractor companies operating classified IT systems on their premises.”
Training topics include:

  • Introduction to DCSA
  • RMF Roles and Responsibilities
  • Types of Systems
  • Authorization Boundaries
  • RMF Life Cycle
    -Step 0 – Prepare
    -Step 1 – Categorize
    -Step 2 – Select
    -Step 3 – Implement
    -Step 4 – Assess
    -Step 5 – Authorize
    -Step 6 – Monitor
  • Documentation Artifacts
  • Type Authorization
  • Security Control Inheritance
  • NISP eMASS
  • Support Tools and Resources

BAI is offering RMF Supplement for DCSA Cleared Contractors on a regularly-scheduled basis in an online, instructor-led format, using our Online Personal Classroom™ technology. The cost is $750 per student. The class is also available to private groups of at least 8 students within a company or agency, with significant savings based on class size.

About BAI
BAI Information Security is a trusted provider of training and consulting services to the Department of Defense and other federal agencies, along with their supporting contractors and vendors. BAI’s core training curriculum is based on the Risk Management Framework (RMF), initially developed by the National Institute of Standards and Technology (NIST) and now implemented throughout the Department of Defense, Federal departments/agencies, and the
Intelligence Community. To date, BAI has trained thousands of students internationally on RMF and related processes, and has provided consulting services to numerous government agencies and Fortune 500 companies. Founded in 1974, BAI is headquartered in Fairlawn, Virginia.

For more information, please visit: www.rmf.org, or contact Alice Steger, Director of Marketing, at 1-800-RMF-1903 X106.

eMASS eSSENTIALS Training Simulator Press Release

20 August 2020

Fairlawn, VA – BAI Information Security is pleased to announce the launch of a new eMASS eSSENTIALS web-based simulator which was built directly off of actual eMASS and has the same user interface and user experience. BAI recognizes that eMASS is a stumbling block for many new RMF practitioners. To
mitigate these challenges, our instructional designers felt the creation of an eMASS sandbox environment where students could practice working in eMASS without being scared to submit incorrect data or follow the correct procedures would be highly beneficial! Some facts about our new eMASS Simulator:

  • No CAC required
  • Live hands on cloud-based eMASS simulation environment
  • The simulator will be available to all students who attend BAI’s one-day eMASS eSSENTIALS
  • training course
  • The eMASS Simulator provides guidance and the capability for the most used eMASS functions including:
    -System Registration
    -Security Controls and Test Results
    -Artifacts
    -Asset Manager
    -Plan of Action & Milestones (POA&M)

BAI is offering eMASS eSSENTIALS on a regularly-scheduled basis in an online, instructor-led format, using our Online Personal Classroom™ technology as well as in-person at select locations throughout the United States. The cost is $750 per student. The class is also available to private groups of at least 8 students within a company or agency, with significant savings based on class size.

About BAI
BAI Information Security is a trusted provider of training and consulting services to the Department of Defense and other federal agencies, along with their supporting contractors and vendors. BAI’s core training curriculum is based on the Risk Management Framework (RMF), initially developed by the National Institute of Standards and Technology (NIST) and now implemented throughout the Department of Defense, Federal departments/agencies, and the  intelligence Community. To date, BAI has trained thousands of students internationally on RMF and related processes, and has provided consulting services to numerous government agencies and Fortune 500 companies. Founded in 1974, BAI is headquartered in Fairlawn, Virginia. For more information, please visit: www.rmf.org, or contact Alice Steger, Director of Marketing, at 1-800-RMF-1903 X106.

BAI Announces Dr. P. Devon Schall (Dr. RMF)

19 December 2018

Fairlawn, VA. —  BAI Information Security is pleased to announce Dr. P. Devon Schall has completed doctoral studies with a dissertation topic titled Examining the Relationship between Formal RMF Training and Perceptions of RMF Effectiveness, Sustainability, and Commitment in RMF Practitioners. BAI is excited to contribute to academic research being conducted on RMF. Currently, Dr. Schall has observed a large gap in peer-reviewed RMF research, and he hopes to fill this gap as he is committed to improving the real-world application of RMF with the goal of mitigating the idea that RMF is failing.

A summary of Dr. Schall’s research is below and the complete study can be found at http://www.rmf.org/rmf-dissertation.

Examining the Relationship between Formal RMF Training and Perceptions of RMF Effectiveness, Sustainability, and Commitment in RMF Practitioners

Quantitative data on the perceived confidence, compliance commitment, and sustainability ratings for RMF were collected and used in this research. Survey research was implemented, and data were collected through a questionnaire. The intended participants in the study were those who work in the U.S. Government or serve as U.S. Government contractors with requirements of cybersecurity compliance in their job roles. The survey questionnaire was provided to the members of the LinkedIn group titled Risk Management Framework (RMF) Resource Center via a survey link posted in the group as well as a private message sent to each member of the group with an explanatory invitation. This group consists of 1779 members and was established to provide its members with the opportunity to connect in understanding RMF. The survey was presented to all group members without any prior research or bias regarding their previous RMF training received or years of experience. The data were analyzed utilizing statistical methods of descriptive statistics, analysis of variance (ANOVA) and Pearson’s Correlations.

Based on the results of this study, a significant, positive relationship exists between the receipt of formalized RMF training and perceptions of RMF effectiveness. Statistical significance can be seen in ANOVA tests where there was a significant difference in the mean effective Perceived Competency Scales (PCS) Scores among those with varied levels of formal RMF training (MS = 5.388), (F [2,78] = 3.645, p < .05). Pearson’s Correlation also indicated that there was a significant positive association with the Effective PCS Score and the Amount of Training Received Category, (r = .253, n = 81, p = .023).

BAI Announces RMF Supplemental Classes

17 January 2018

Fairlawn, VA. — BAI Information Security is pleased to announce the launch of new one-day RMF Supplemental classes. These classes are designed to complement BAI’s flagship four-day Risk Management Framework (RMF) training program. BAI’s goal is to continue to deliver relevant and effective RMF training solutions that will save time and money in implementation of the RMF life cycle.

BAI offers these one-day RMF Supplemental classes on a monthly basis in an online, instructor-led format. The complete schedule of classes can be found at https://register.rmf.org. Additionally, organizations who contract with BAI to provide the four-day RMF training program “on site” can opt to add one of these supplemental classes as a fifth training day.

See below for a brief synopsis of BAI’s RMF Supplemental course offerings:

Continuous Monitoring Overview. The program seeks to equip learners with knowledge of the theory and policy background underlying continuous monitoring as well as the practical knowledge needed for effective implementation. The program focuses on Information Security Continuous Monitoring (ISCM), which is one of the cornerstones of RMF.

eMASS eSSENTIALS. The Enterprise Mission Assurance Support Service, or eMASS, is a web-based Government off-the-shelf (GOTS) solution that automates a broad range of services for comprehensive, fully-integrated cyber security management, including controls scorecard measurement, dashboard reporting, and the generation of Risk Management Framework (RMF) package reports. The majority of DoD components have “standardized” on eMASS as the data repository for RMF Assessment and Authorization. eMASS eSSENTIALS provides “how to” guidance for the most commonly-used eMASS functions.

RMF in the Cloud. RMF in the Cloud training is designed to answer foundational questions about RMF and cloud migration as well as offering BAI’s real world experience in cloud migration as a provider of RMF consulting services. RMF in the Cloud is a vendor neutral course utilizing our first-hand consulting experience. Some RMF in the Cloud topics include Cloud Preparation, FedRAMP, Cloud Inheritance, Common Pitfalls, Cloud Tools, and eMASS and the Cloud.

CAP Exam Preparation. Backed by (ISC)2, CAP credentialing aligns with the Risk Management Framework (RMF). The CAP recognizes knowledge, skills and abilities to authorize and maintain information systems within RMF. It demonstrates the ability to formalize processes to assess risk and establish security documentation. BAI’s four-day RMF training program covers the five domains of the CAP Common Body of Knowledge (CBK) – this one-day CAP Exam Prep class focuses on readiness for the credentialing exam itself, including testing guidance, practice questions, etc.

BAI Announces New Website (RDRP)

16 January 2018

Fairlawn, VA. — Fairlawn, VA. —BAI Information Security is pleased to announce the launch of their newly revamped “Risk Management Framework (RMF) Resource Center” website. The newly designed website offers quick and easy access to essential RMF information as well as a comprehensive description of BAI’s RMF services.

The new website has a clean and uncluttered design, improved mobile functionality and enhanced rich content focused on the company’s mission to provide industry leading RMF training and consulting services. The new website goes live today, January 16, 2018 and is located at the same URL address: www.rmf.org.

BAI is excited about their new website launch and the robust information it provides for customers. “We believe this new website will allow our visitors a streamlined experience in finding critical RMF information,” said Lon J. Berman, BAI’s Principal Consultant.

BAI’s new website will be updated on a regular basis with RMF news and new course information. Visitors are encouraged to explore the website and sign up for BAI’s newsletter located at https://rmf.org/newsletter/.

BAI Announces Registered DoD RMF Practitioner (RDRP)

Fairlawn, VA. — BAI Information Security is pleased to announce the launch of a new program called Registered DoD RMF Practitioner (RDRP) – a network of security professionals specializing in supporting the Risk Management Framework (RMF) in Department of Defense (DoD) programs. The requirements to join RDRP are very straightforward:

  • Step 1: Attend 4 days or more of RMF for DoD IT training.
  • Step 2: Complete the 50 question “RMF for DoD IT Competency Test” with a passing score of 70%.
  • Step 3: Remit the initial credentialing fee (No cost if you’ve completed BAI’s RMF 4-day training program within the past 12 months

BAI’s students who have completed 4-days or more of RMF DoD IT training may go to www.rmf.org/rdrp to begin the registration process.

BAI Announces eMASS Training Program

Fairlawn, VA. — BAI Information Security is now offering a training program focused on eMASS, the Department of Defense (DoD) Enterprise Mission Assurance Support Service. “The majority of DoD agencies have now “standardized” on eMASS as the online data repository and management system for their Risk Management Framework (RMF) efforts,” said BAI Principal Consultant Lon Berman. “We felt it was time to add eMASS training to complement our RMF training program.”

Training Opportunities are Expanding

Fairlawn, VA. — BAI Information Security recently announced significant expansions of training programs. Here are some of the highlights:

  • New classroom location— we will now be offering training in the San Diego, CA area as well as the Orlando, FL area, with RMF for DoD IT classes beginning in June, 2017.
  • Friday Supplemental classes — We will be introducing a series of one-day classes. Options include: eMASS Workshop, Continuous Monitoring Overview, Certified Authorization Professional (CAP) exam preparation
  • Certified Cloud Security Professional (CCSP) — BAI will be launching a five-day training program that will provide guidance in securing systems and applications in the cloud environment, as well as preparing students to take the CCSP certification exam given by ISC2 (www.isc2.org). Training will begin with an online class in April.

BAI Information Security Offers Risk Management Framework Training at Dynetics Training Facilities

Fairlawn, VA. — BAI Information Security recently announced its Risk Management Framework (RMF) for DoD IT training will be offered at Dynetics Training Facilities in Huntsville, AL and Arlington, VA. BAI is a leading provider of RMF training and consulting for DoD and Federal agencies, their contractors and vendors throughout the United States and internationally. Dynetics is a leading provider of products and services for the defense, intelligence, aerospace, automotive, IT/cybersecurity and physical security sectors.

BAI Information Security Announces Curriculum Enhancement of “Risk Management Framework (RMF) for DoD IT” Training Program 

Fairlawn, VA – March 6, 2015 – BAI Information Security today announced a substantial enhancement to the Risk Management Framework (RMF) for DoD IT training program curriculum. The revised training program, dubbed “Version 3.0,” significantly ramps up the emphasis on building skills that DoD employees and contractors will need as their programs make the transition from DIACAP to RMF.

BAI Information Security Introduces Risk Management Framework (RMF) for DoD IT Training Program 

March 31, 2014 – BAI Information Security today announced the latest update to its cybersecurity risk management training portfolio. The Risk Management Framework for DoD IT training program covers the newly-unveiled DoD risk management methodology and the process of transition from the legacy DIACAP process.

BAI Information Security To Speak At DoD/VA mHealth Conference in Arlington, VA 

Nov. 13, 2013 – BAI Information Security has announced that Lon Berman, principal consultant and DIACAP, FISMA, RMF expert will speak at the upcoming DoD/VA mHealth (Mobile Health Summit) on November 18 at the Waterview Conference Center in Arlington, VA.

BAI Information Security Announces Educational Seminars on RMF for DoD 

August 12, 2013 – BAI Information Security announced today that it will deliver a new series of educational seminars focused on the transition from DIACAP to the Risk Management Framework (RMF). The educational seminars will be designed for management level and information assurance / technology professionals of all rank, both DoD employees and contractors, who need to become familiar with RMF and the imminent transition from DIACAP.

BAI Information Security Introduces “Personal Classroom” Training 

February 13, 2013 – Today, many conversations among DoD agencies and contracting companies are occurring, relative to what is happening with current budgetary constraints and how it will affect needed training for the Risk Management Framework (RMF) targeted to go into effect mid-year…