Skip to main content

STIG 101 Training Curriculum Updated to Include Evaluate-STIG

22 May 2023

Fairlawn, Virginia – BAI Information Security, Inc., a leading provider of federal government and DoD cybersecurity training solutions, is pleased to announce the update of its STIG 101 training program. The training program now includes Evaluate-STIG in both the lecture and hands-on Lab.

Evaluate-STIG is a critical component of the Security Technical Implementation Guides (STIGs) process. It allows organizations to evaluate their systems against the STIG requirements and identify areas where they are not compliant. The new update to our STIG 101 training program will help IT professionals understand and implement the Evaluate-STIG process effectively.

The hands-on lab portion of the training program has been updated to include practical exercises to provide participants with hands-on experience in the Evaluate-STIG process. This training will enable IT professionals to develop the skills necessary to evaluate their systems for compliance with STIG requirements and identify and address vulnerabilities in their systems.

“Our updated STIG 101 training program demonstrates our commitment to providing our students with the latest and most effective cybersecurity training solutions,” said Kathryn Daily, Director of BAI Information Security. “We believe that this update will help IT professionals stay up to date with the latest government standards and best practices and provide them with the skills they need to secure their organization against cyber threats.”

The updated STIG 101 training program is available now, and interested individuals and organizations can contact Alice Steger, alice@rmf.org, for more information on how to enroll.

About BAI Information Security Inc,

BAI was founded in 1974 as a software consulting firm but has evolved since then into an organization specializing in providing RMF training and consulting services. We are specialists in assessment and authorization (A&A) of DoD and federal information systems and support a nationwide clientele of government programs, contractors, product developers and service providers.

Over the last 40+ years, we have developed and delivered numerous training courses in areas such as office automation, software quality assurance, and cybersecurity. We have witnessed dramatic changes in the field of information technology and have observed that while systems have become increasingly complex and interdependent, and threats to the security of our information technology have grown exponentially, most organizations continue to respond to cybersecurity risks by using measures designed to meet yesterday’s threats. BAI’s transformation into the boutique information security training and consulting organization we are today was in response to this challenge.

BAI training staff, instructional designers, and consultants are the world’s leading subject matter experts in the application of DoD and Federal government cybersecurity policy and compliance. It is our goal to stay aligned with the current cybersecurity landscape providing our customers the most accurate and relevant knowledge in a real-time capacity reflecting current DoD and Federal cybersecurity guidance.  In addition to decades of real-world cybersecurity experience in government service and a contractor capacity, BAI staff qualifications include: Ph.D, MBA, MIS, MS, CISSP, CAP, NQV3, CRISC, CISA, RDRP, PMP, ITIL-F, CISA, FITSP-M, FITSP-D, MCSE, and MCT.

It is BAI’s core goal to deliver its customers the cybersecurity training they need in the most efficient means possible allowing students to return to work with the confidence and skills necessary to complete their RMF responsibilities.

For more information, please contact:

Alice Steger

Director of Sales

BAI Information Security, Inc.

800-RMF-1903 (800-763-1903)

Alice Steger

www.rmf.org

 

Mr. Austin Lee Joins BAI Training Team

27 April 2022

Fairlawn, Virginia … BAI Information Security announced the addition of Mr. Austin Lee to the training team. “Austin brings his extensive experience with the Risk Management Framework (RMF) as an assessor, consultant and educator, and he is excited to share his knowledge and enthusiasm for RMF with our students”, said Devon Schall, Executive Director of training for BAI Information Security.

Mr. Lee will be teaching classes in RMF for DoD IT, eMASS eSSENTIALS, Security Control Implementation and Assessment, STIG 101, and more.

The full schedule of BAI training classes is available at https://register.rmf.org.

BAI Information Security is the leading provider of Risk Management Framework (RMF) training and consulting services. For further information, please contact Alice Steger, Director of Sales and Marketing, at 1-800-RMF-1903 (763-1903), or visit the BAI website at www.rmf.org.

BAI Announces Reopening of Training Classrooms

25 April 2022

Fairlawn, Virginia … BAI Information Security announced the return of in-person classroom training. “After nearly two years of offering strictly online instructor-led training, we have now resumed training in classroom locations around the country”, said Devon Schall, CEO of BAI Information Security. Classrooms have opened in our most popular “destination” locations, including Colorado Springs, Pensacola and San Diego. With the longer days of spring and summer now here, students can enjoy some outdoor time in the mountains or at the shore after their training days at these locations.

BAI classroom locations will be offering our flagship four-day Risk Management Framework (RMF) for DoD IT and RMF for Federal Agencies training programs, along with the one-day eMASS eSSENTIALS training. The full training schedule, along with online class registration, is available at https://register.rmf.org. The cost of training is $1,935 per student for the four-day training programs and $750 per student for the one-day eMASS training. A five-day training option is available at a discounted price of $2,495 per student.

In addition to the in-person classroom locations, BAI will continue to offer online, instructor-led training.

BAI Information Security is the leading provider of Risk Management Framework (RMF) training and consulting services. For further information, please contact Alice Steger, Director of Sales and Marketing, at 1-800-RMF-1903 (763-1903), or visit the BAI website at www.rmf.org.

BAI Announces CAP Certification “Boot Camp”

20 April 2022

Fairlawn, Virginia – BAI Information Security announced the launch of the CAP Certification “Boot Camp” training program. “This intensive five-day training program is designed for students who desire to quickly acquire the knowledge needed to pass the Certified Authorization Professional (CAP) examination,” said Devon Schall, CEO of BAI Information Security. The CAP Certification Boot Camp includes in-depth instruction on all phases of the Risk Management Framework (RMF), which forms the basis of the CAP body of knowledge. Also included are sample test questions, test-taking skills and hints, and much more.

The CAP Certification Boot Camp is being offered on a regularly scheduled basis, in an online, instructor-led format using BAI’s Online Personal Classroom™ technology. The first class is scheduled to begin on July 18 – 22, 2022. The cost of $2,495 per student includes five full days of training and all required training materials. Please note the cost of the CAP certification exam is not included and must be paid separately to the certification body, ISC2 (www.isc2.org). Online class registration is available at https://register.rmf.org.

Additionally, the CAP Certification Boot Camp is available to pre-arranged groups of eight or more students, at a substantial discount. Classes can be held online, or in person at the customer site.

BAI Information Security is the leading provider of Risk Management Framework (RMF) training and consulting services. For further information, please contact Alice Steger, Director of Sales and Marketing, at 1-800-RMF-1903 (763-1903), or visit the BAI website at www.rmf.org.

DCSA Training Press Release

20 August 2020

Fairlawn, VA – BAI Information Security is pleased to announce a new training program focusing on Risk Management Framework (RMF) as it applies to cleared contractor companies under the purview of the Defense Counterintelligence and Security Agency (DCSA). “RMF Supplement for DCSA Cleared Contractors is a one-day class designed as a follow-on to our four-day RMF for DoD IT training program,” said P. Devon Schall, BAI’s Executive Director of Training Services. “The class covers the unique aspects of RMF as it applies to cleared contractor companies operating classified IT systems on their premises.”
Training topics include:

  • Introduction to DCSA
  • RMF Roles and Responsibilities
  • Types of Systems
  • Authorization Boundaries
  • RMF Life Cycle
    -Step 0 – Prepare
    -Step 1 – Categorize
    -Step 2 – Select
    -Step 3 – Implement
    -Step 4 – Assess
    -Step 5 – Authorize
    -Step 6 – Monitor
  • Documentation Artifacts
  • Type Authorization
  • Security Control Inheritance
  • NISP eMASS
  • Support Tools and Resources

BAI is offering RMF Supplement for DCSA Cleared Contractors on a regularly-scheduled basis in an online, instructor-led format, using our Online Personal Classroom™ technology. The cost is $750 per student. The class is also available to private groups of at least 8 students within a company or agency, with significant savings based on class size.

About BAI
BAI Information Security is a trusted provider of training and consulting services to the Department of Defense and other federal agencies, along with their supporting contractors and vendors. BAI’s core training curriculum is based on the Risk Management Framework (RMF), initially developed by the National Institute of Standards and Technology (NIST) and now implemented throughout the Department of Defense, Federal departments/agencies, and the
Intelligence Community. To date, BAI has trained thousands of students internationally on RMF and related processes, and has provided consulting services to numerous government agencies and Fortune 500 companies. Founded in 1974, BAI is headquartered in Fairlawn, Virginia.

For more information, please visit: www.rmf.org, or contact Alice Steger, Director of Marketing, at 1-800-RMF-1903 X106.

eMASS eSSENTIALS Training Simulator Press Release

20 August 2020

Fairlawn, VA – BAI Information Security is pleased to announce the launch of a new eMASS eSSENTIALS web-based simulator which was built directly off of actual eMASS and has the same user interface and user experience. BAI recognizes that eMASS is a stumbling block for many new RMF practitioners. To
mitigate these challenges, our instructional designers felt the creation of an eMASS sandbox environment where students could practice working in eMASS without being scared to submit incorrect data or follow the correct procedures would be highly beneficial! Some facts about our new eMASS Simulator:

  • No CAC required
  • Live hands on cloud-based eMASS simulation environment
  • The simulator will be available to all students who attend BAI’s one-day eMASS eSSENTIALS
  • training course
  • The eMASS Simulator provides guidance and the capability for the most used eMASS functions including:
    -System Registration
    -Security Controls and Test Results
    -Artifacts
    -Asset Manager
    -Plan of Action & Milestones (POA&M)

BAI is offering eMASS eSSENTIALS on a regularly-scheduled basis in an online, instructor-led format, using our Online Personal Classroom™ technology as well as in-person at select locations throughout the United States. The cost is $750 per student. The class is also available to private groups of at least 8 students within a company or agency, with significant savings based on class size.

About BAI
BAI Information Security is a trusted provider of training and consulting services to the Department of Defense and other federal agencies, along with their supporting contractors and vendors. BAI’s core training curriculum is based on the Risk Management Framework (RMF), initially developed by the National Institute of Standards and Technology (NIST) and now implemented throughout the Department of Defense, Federal departments/agencies, and the  intelligence Community. To date, BAI has trained thousands of students internationally on RMF and related processes, and has provided consulting services to numerous government agencies and Fortune 500 companies. Founded in 1974, BAI is headquartered in Fairlawn, Virginia. For more information, please visit: www.rmf.org, or contact Alice Steger, Director of Marketing, at 1-800-RMF-1903 X106.

BAI Announces Dr. P. Devon Schall (Dr. RMF)

19 December 2018

Fairlawn, VA. —  BAI Information Security is pleased to announce Dr. P. Devon Schall has completed doctoral studies with a dissertation topic titled Examining the Relationship between Formal RMF Training and Perceptions of RMF Effectiveness, Sustainability, and Commitment in RMF Practitioners. BAI is excited to contribute to academic research being conducted on RMF. Currently, Dr. Schall has observed a large gap in peer-reviewed RMF research, and he hopes to fill this gap as he is committed to improving the real-world application of RMF with the goal of mitigating the idea that RMF is failing.

A summary of Dr. Schall’s research is below and the complete study can be found at http://www.rmf.org/rmf-dissertation.

Examining the Relationship between Formal RMF Training and Perceptions of RMF Effectiveness, Sustainability, and Commitment in RMF Practitioners

Quantitative data on the perceived confidence, compliance commitment, and sustainability ratings for RMF were collected and used in this research. Survey research was implemented, and data were collected through a questionnaire. The intended participants in the study were those who work in the U.S. Government or serve as U.S. Government contractors with requirements of cybersecurity compliance in their job roles. The survey questionnaire was provided to the members of the LinkedIn group titled Risk Management Framework (RMF) Resource Center via a survey link posted in the group as well as a private message sent to each member of the group with an explanatory invitation. This group consists of 1779 members and was established to provide its members with the opportunity to connect in understanding RMF. The survey was presented to all group members without any prior research or bias regarding their previous RMF training received or years of experience. The data were analyzed utilizing statistical methods of descriptive statistics, analysis of variance (ANOVA) and Pearson’s Correlations.

Based on the results of this study, a significant, positive relationship exists between the receipt of formalized RMF training and perceptions of RMF effectiveness. Statistical significance can be seen in ANOVA tests where there was a significant difference in the mean effective Perceived Competency Scales (PCS) Scores among those with varied levels of formal RMF training (MS = 5.388), (F [2,78] = 3.645, p < .05). Pearson’s Correlation also indicated that there was a significant positive association with the Effective PCS Score and the Amount of Training Received Category, (r = .253, n = 81, p = .023).

BAI Announces RMF Supplemental Classes

17 January 2018

Fairlawn, VA. — BAI Information Security is pleased to announce the launch of new one-day RMF Supplemental classes. These classes are designed to complement BAI’s flagship four-day Risk Management Framework (RMF) training program. BAI’s goal is to continue to deliver relevant and effective RMF training solutions that will save time and money in implementation of the RMF life cycle.

BAI offers these one-day RMF Supplemental classes on a monthly basis in an online, instructor-led format. The complete schedule of classes can be found at https://register.rmf.org. Additionally, organizations who contract with BAI to provide the four-day RMF training program “on site” can opt to add one of these supplemental classes as a fifth training day.

See below for a brief synopsis of BAI’s RMF Supplemental course offerings:

Continuous Monitoring Overview. The program seeks to equip learners with knowledge of the theory and policy background underlying continuous monitoring as well as the practical knowledge needed for effective implementation. The program focuses on Information Security Continuous Monitoring (ISCM), which is one of the cornerstones of RMF.

eMASS eSSENTIALS. The Enterprise Mission Assurance Support Service, or eMASS, is a web-based Government off-the-shelf (GOTS) solution that automates a broad range of services for comprehensive, fully-integrated cyber security management, including controls scorecard measurement, dashboard reporting, and the generation of Risk Management Framework (RMF) package reports. The majority of DoD components have “standardized” on eMASS as the data repository for RMF Assessment and Authorization. eMASS eSSENTIALS provides “how to” guidance for the most commonly-used eMASS functions.

RMF in the Cloud. RMF in the Cloud training is designed to answer foundational questions about RMF and cloud migration as well as offering BAI’s real world experience in cloud migration as a provider of RMF consulting services. RMF in the Cloud is a vendor neutral course utilizing our first-hand consulting experience. Some RMF in the Cloud topics include Cloud Preparation, FedRAMP, Cloud Inheritance, Common Pitfalls, Cloud Tools, and eMASS and the Cloud.

CAP Exam Preparation. Backed by (ISC)2, CAP credentialing aligns with the Risk Management Framework (RMF). The CAP recognizes knowledge, skills and abilities to authorize and maintain information systems within RMF. It demonstrates the ability to formalize processes to assess risk and establish security documentation. BAI’s four-day RMF training program covers the five domains of the CAP Common Body of Knowledge (CBK) – this one-day CAP Exam Prep class focuses on readiness for the credentialing exam itself, including testing guidance, practice questions, etc.

BAI Announces New Website (RDRP)

16 January 2018

Fairlawn, VA. — Fairlawn, VA. —BAI Information Security is pleased to announce the launch of their newly revamped “Risk Management Framework (RMF) Resource Center” website. The newly designed website offers quick and easy access to essential RMF information as well as a comprehensive description of BAI’s RMF services.

The new website has a clean and uncluttered design, improved mobile functionality and enhanced rich content focused on the company’s mission to provide industry leading RMF training and consulting services. The new website goes live today, January 16, 2018 and is located at the same URL address: www.rmf.org.

BAI is excited about their new website launch and the robust information it provides for customers. “We believe this new website will allow our visitors a streamlined experience in finding critical RMF information,” said Lon J. Berman, BAI’s Principal Consultant.

BAI’s new website will be updated on a regular basis with RMF news and new course information. Visitors are encouraged to explore the website and sign up for BAI’s newsletter located at https://rmf.org/newsletter/.

BAI Announces Registered DoD RMF Practitioner (RDRP)

Fairlawn, VA. — BAI Information Security is pleased to announce the launch of a new program called Registered DoD RMF Practitioner (RDRP) – a network of security professionals specializing in supporting the Risk Management Framework (RMF) in Department of Defense (DoD) programs. The requirements to join RDRP are very straightforward:

  • Step 1: Attend 4 days or more of RMF for DoD IT training.
  • Step 2: Complete the 50 question “RMF for DoD IT Competency Test” with a passing score of 70%.
  • Step 3: Remit the initial credentialing fee (No cost if you’ve completed BAI’s RMF 4-day training program within the past 12 months

BAI’s students who have completed 4-days or more of RMF DoD IT training may go to www.rmf.org/rdrp to begin the registration process.

BAI Announces eMASS Training Program

Fairlawn, VA. — BAI Information Security is now offering a training program focused on eMASS, the Department of Defense (DoD) Enterprise Mission Assurance Support Service. “The majority of DoD agencies have now “standardized” on eMASS as the online data repository and management system for their Risk Management Framework (RMF) efforts,” said BAI Principal Consultant Lon Berman. “We felt it was time to add eMASS training to complement our RMF training program.”

Training Opportunities are Expanding

Fairlawn, VA. — BAI Information Security recently announced significant expansions of training programs. Here are some of the highlights:

  • New classroom location— we will now be offering training in the San Diego, CA area as well as the Orlando, FL area, with RMF for DoD IT classes beginning in June, 2017.
  • Friday Supplemental classes — We will be introducing a series of one-day classes. Options include: eMASS Workshop, Continuous Monitoring Overview, Certified Authorization Professional (CAP) exam preparation
  • Certified Cloud Security Professional (CCSP) — BAI will be launching a five-day training program that will provide guidance in securing systems and applications in the cloud environment, as well as preparing students to take the CCSP certification exam given by ISC2 (www.isc2.org). Training will begin with an online class in April.

BAI Information Security Offers Risk Management Framework Training at Dynetics Training Facilities

Fairlawn, VA. — BAI Information Security recently announced its Risk Management Framework (RMF) for DoD IT training will be offered at Dynetics Training Facilities in Huntsville, AL and Arlington, VA. BAI is a leading provider of RMF training and consulting for DoD and Federal agencies, their contractors and vendors throughout the United States and internationally. Dynetics is a leading provider of products and services for the defense, intelligence, aerospace, automotive, IT/cybersecurity and physical security sectors.

BAI Information Security Announces Curriculum Enhancement of “Risk Management Framework (RMF) for DoD IT” Training Program 

Fairlawn, VA – March 6, 2015 – BAI Information Security today announced a substantial enhancement to the Risk Management Framework (RMF) for DoD IT training program curriculum. The revised training program, dubbed “Version 3.0,” significantly ramps up the emphasis on building skills that DoD employees and contractors will need as their programs make the transition from DIACAP to RMF.

BAI Information Security Introduces Risk Management Framework (RMF) for DoD IT Training Program 

March 31, 2014 – BAI Information Security today announced the latest update to its cybersecurity risk management training portfolio. The Risk Management Framework for DoD IT training program covers the newly-unveiled DoD risk management methodology and the process of transition from the legacy DIACAP process.

BAI Information Security To Speak At DoD/VA mHealth Conference in Arlington, VA 

Nov. 13, 2013 – BAI Information Security has announced that Lon Berman, principal consultant and DIACAP, FISMA, RMF expert will speak at the upcoming DoD/VA mHealth (Mobile Health Summit) on November 18 at the Waterview Conference Center in Arlington, VA.

BAI Information Security Announces Educational Seminars on RMF for DoD 

August 12, 2013 – BAI Information Security announced today that it will deliver a new series of educational seminars focused on the transition from DIACAP to the Risk Management Framework (RMF). The educational seminars will be designed for management level and information assurance / technology professionals of all rank, both DoD employees and contractors, who need to become familiar with RMF and the imminent transition from DIACAP.

BAI Information Security Introduces “Personal Classroom” Training 

February 13, 2013 – Today, many conversations among DoD agencies and contracting companies are occurring, relative to what is happening with current budgetary constraints and how it will affect needed training for the Risk Management Framework (RMF) targeted to go into effect mid-year…