Skip to main content

Training Overview

RMF and Supply Chain Security

(One Day)

Today, our organizations rely on digital technology more than ever to accomplish critical mission/business functions.  Information and communications technology (ICT), Operational Technology (OT), and IT Services that organizations acquire are part of complex, globally distributed, extensive, and interconnected supply chain ecosystems that are comprised of geographically diverse routes and consists of multiple levels of outsourcing.  These facts present risks that are called “supply chain injection” attacks that have seen a significant increase since 2018.

To mitigate and manage these risks your organization needs a NIST compliant Cybersecurity Supply Chain Risk Management (C-SCRM) that differs from the traditional supply chain risk management programs that mainly deal with materiel and non-IT assets.  This course will assist your organization in developing a tailored C-SCRM program that is cost effective and address C-SCRM requirements (implementation statements and assessment procedures) brought in NIST SP 800-53 Rev 5.

Subject Areas Covered:

  • Establish C-SCRM team, determine roles and responsibilities.
  • Basis for determining whether a technology, service, system component, or system is fit for purpose, and as such, the controls need to be tailored accordingly.
  • Address requirements for developing trustworthy, secure, privacy-protective, and resilient system components and systems.
  • Addresses managing, implementation, and monitoring of C-SCRM controls
  • Determine C-SCRM risk tolerance
  • Identifying and assessing C-SCRM risks
  • Determining appropriate risk response actions and acceptable C-SCRM risk mitigation strategies or controls.
  • Description of and justification for C-SCRM mitigation measures taken
  • Monitoring performance against plans
  • Specify documentation protection requirements.
  • Providing training, education, and awareness programs for personnel regarding C-SCRM, available mitigation strategies
  • Train personnel to detect counterfeit system components

Who should attend?

RMF and Supply Chain security is applicable to all federal and DoD personnel as well as members of the defense industrial base.

Duration

1 day

This one-day training helps learners understand how to implement necessary security controls to protect the DoD supply chain.

Course Overview & Outlines

Please Click here for a detailed course overview and outline of RMF and Supply Chain Security.

Delivery Methods

The RMF and Supply Chain Security training program is offered on a regularly-scheduled basis in

Aberdeen | CharlestonColorado SpringsDayton | Huntsville | National Capital Region | Pensacola | San Antonio | San Diego | SeattleSouthern Maryland

Training is also available to distance learners via Online Personal Classroom™ technology.

RMF and Supply Chain Security is also available as a “Friday supplemental class” to organizations wishing to obtain “on site” RMF training for a group of students.

REGISTER NOW

Bundling

Discount pricing is available when this class is combined with RMF for DoD IT. Please contact us for details.

We have an assortment of supplemental classes that can be bundled with the RMF for DoD IT to enhance your RMF training experience. By bundling you can receive a considerable discount on the supplemental classes.

Private Group Classes

If you have a group of students (normally 8 or more), any of our training programs can be delivered at your site (in a suitable classroom facility), or in our Online Personal Classroom. Group classes offer significant savings over individual class registrations; the larger the class, the greater the savings.

Please click here to request a quote.

Training fees

dollars
“Per student” fee for regularly-scheduled RMF and Supply Chain Security is as follows:

RMF and Supply Chain Security – $ 850

credit card
Payment options for regularly-scheduled training are as follows:

Credit card – Visa, MasterCard and American Express
SF182 – government entities may submit an SF182 for invoicing after completion of training
PO – purchase orders are accepted from government and major corporate entities

How to Register

Registration for regularly-scheduled classes can be completed in two ways:

On-line (recommended).
Click here for online registration and payment.

By FAX or e-mail
Click here for a printable registration form.