Class Details

Price: $2,150

Risk Management Framework (RMF) is the unified information security framework for the entire federal government that is replacing the legacy Certification and Accreditation (C&A) processes within federal government departments and agencies, the Department of Defense (DOD) and the Intelligence Community (IC). DoD officially began its transition from the legacy DIACAP process to the new "RMF for DoD IT" process.

Price Match Guarantee Phoenix TS

RMF Training Includes:

  • Class exercises in addition to training instruction
  • Courseware books, notepads, pens, highlighters and other materials
  • eBooks will be emailed to students registered for Live Online training the week prior to the start of class
  • Full breakfast with variety of bagels, fruits, yogurt, doughnuts and juice
  • Tea, coffee, and soda available all day
  • Freshly baked cookies every afternoon - *only at participating locations

Start Your Risk Management Framework (RMF) Quiz Now


Course Outline

Introduction

  • Key concepts including assurance, assessment, authorization
  • Reasons for change to the Risk Management Framework (RMF)
  • Key characteristics of security
  • Security controls

Cybersecurity Policy Regulations and Framework

  • Evolution and interaction of security laws, policy, and regulations in cybersecurity
  • Accessing the correct documents for cybersecurity guidance
  • Assessment and authorization transformation goals

RMF Roles and Responsibilities

  • Tasks and responsibilities for RMF roles

Risk Analysis Process

  • Four-step risk management process
  • Impact level
  • Level of risk
  • Effective risk management options

Step 1: Categorize

  • Key documents in the RMF process
  • Security Categorization
  • Information System Description
  • Lab 1: Categorize a fictitious DoD agency's information system

Step 2: Select

  • Common Control Identification
  • Security Control Selection
  • Tailor security controls
  • Monitoring strategy
  • Security Plan Approval
  • Lab 2: Select security controls for a fictitious DoD agency information system

Step 3: Implement

  • Security Control Implementation
  • Security Control Documentation
  • Lab 3: Discuss and review decisions related to implementation of security controls

Step 4: Assess

  • Assessment Preparation
  • Security Control Assessment
  • Security Assessment Report
  • Remediation Actions
  • Lab 4: Consult NIST SP 800-53A to determine appropriate assessment techniques for a fictitious DoD agency

Step 5: Authorize

  • Plan of Action and Milestones
  • Security Authorization Package
  • Risk Determination
  • Risk Acceptance
  • Lab 5: Practice compiling the documents that make up the Security Authorization Package

Step 6: Monitor

  • Information System and Environment Changes
  • Patches
  • Ongoing Security Control Assessments
  • Ongoing Remediation Actions
  • Key Updates
  • Security Status Reporting
  • Ongoing Risk Determination and Acceptance
  • Information System Removal and Decommissioning
  • Lab 6: Identify vulnerabilities and deficiencies in the information system of a fictitious DoD agency and propose steps to remediate

Risk Management Framework for DoD and the Intelligence Community

  • DoDI 8510.01
  • DFAR 252.204-7012
  • Security Control Structure
  • Evolution of Cybersecurity Policy
  • NIST: Computer Security Division
  • DoD Cybersecurity Policy Drivers
  • DIACAP to RMF
  • Transformation Goals
  • Control Selection
  • CNSSI-1258
  • RMF Integration with the SDLC
  • Important Federal Guidelines
  • DoD 8500 Cybersecurity Series
  • Roles and Responsibilities
  • Registering a DoD System
  • eMASS
  • Types of Authorizations
  • RMF Knowledge Service

 

Objectives

  • Understand the Risk Management Framework for DoD IT Authorization process

  • Understand FISMA and NIST processes for authorizing Federal IT systems

  • Explain key roles and responsibilities

  • Explain statutory and regulatory requirements

  • Apply these principles to real-world activities and situations

Register for Class

Date Location
12/17/18 - 12/20/18, 4 days, 8:30AM – 4:30PM Fort Gordon, GA Register
01/07/19 - 01/10/19, 4 days, 8:30AM – 4:30PM Fort Gordon, GA Register
01/14/19 - 01/17/19, 4 days, 8:30AM – 4:30PM Honolulu, HI Sold Out!
01/15/19 - 01/18/19, 4 days, 8:30AM – 4:30PM Tysons Corner, VA Register
01/22/19 - 01/25/19, 4 days, 8:30AM – 4:30PM Columbia, MD Register
01/22/19 - 01/25/19, 4 days, 8:30AM – 4:30PM Online Register
01/28/19 - 01/31/19, 4 days, 8:30AM – 4:30PM San Diego, CA Register
02/04/19 - 02/07/19, 4 days, 8:30AM – 4:30PM Colorado Springs, CO Register
02/12/19 - 02/15/19, 4 days, 8:30AM – 4:30PM Tysons Corner, VA Register
02/19/19 - 02/22/19, 4 days, 8:30AM – 4:30PM Columbia, MD Register
02/19/19 - 02/22/19, 4 days, 8:30AM – 4:30PM Online Register
03/04/19 - 03/07/19, 4 days, 8:30AM – 4:30PM Fort Gordon, GA Register
03/18/19 - 03/21/19, 4 days, 8:30AM – 4:30PM Tysons Corner, VA Register
03/25/19 - 03/28/19, 4 days, 8:30AM – 4:30PM Online Register
03/25/19 - 03/28/19, 4 days, 8:30AM – 4:30PM Columbia, MD Register
03/25/19 - 03/28/19, 4 days, 8:30AM – 4:30PM San Diego, CA Register
04/01/19 - 04/04/19, 4 days, 8:30AM – 4:30PM Colorado Springs, CO Register
04/15/19 - 04/18/19, 4 days, 8:30AM – 4:30PM Tysons Corner, VA Register
04/22/19 - 04/25/19, 4 days, 8:30AM – 4:30PM Columbia, MD Register
04/22/19 - 04/25/19, 4 days, 8:30AM – 4:30PM Online Register
05/06/19 - 05/09/19, 4 days, 8:30AM – 4:30PM Fort Gordon, GA Register
05/21/19 - 05/24/19, 4 days, 8:30AM – 4:30PM Tysons Corner, VA Register
05/27/19 - 05/30/19, 4 days, 8:30AM – 4:30PM San Diego, CA Register
05/28/19 - 05/31/19, 4 days, 8:30AM – 4:30PM Online Register
05/28/19 - 05/31/19, 4 days, 8:30AM – 4:30PM Columbia, MD Register
06/03/19 - 06/06/19, 4 days, 8:30AM – 4:30PM Colorado Springs, CO Register
07/08/19 - 07/11/19, 4 days, 8:30AM – 4:30PM Fort Gordon, GA Register
07/22/19 - 07/25/19, 4 days, 8:30AM – 4:30PM Tysons Corner, VA Register
07/29/19 - 08/01/19, 4 days, 8:30AM – 4:30PM Online Register
07/29/19 - 08/01/19, 4 days, 8:30AM – 4:30PM Columbia, MD Register
07/29/19 - 08/01/19, 4 days, 8:30AM – 4:30PM San Diego, CA Register
08/05/19 - 08/08/19, 4 days, 8:30AM – 4:30PM Colorado Springs, CO Register
09/09/19 - 09/12/19, 4 days, 8:30AM – 4:30PM Fort Gordon, GA Register
09/23/19 - 09/26/19, 4 days, 8:30AM – 4:30PM Tysons Corner, VA Register
09/24/19 - 09/27/19, 4 days, 8:30AM – 4:30PM San Diego, CA Register
09/30/19 - 10/03/19, 4 days, 8:30AM – 4:30PM Columbia, MD Register
09/30/19 - 10/03/19, 4 days, 8:30AM – 4:30PM Online Register
10/07/19 - 10/10/19, 4 days, 8:30AM – 4:30PM Colorado Springs, CO Register
11/04/19 - 11/07/19, 4 days, 8:30AM – 4:30PM Fort Gordon, GA Register
12/02/19 - 12/05/19, 4 days, 8:30AM – 4:30PM Tysons Corner, VA Register
12/02/19 - 12/05/19, 4 days, 8:30AM – 4:30PM Colorado Springs, CO Register
12/02/19 - 12/05/19, 4 days, 8:30AM – 4:30PM San Diego, CA Register
12/09/19 - 12/12/19, 4 days, 8:30AM – 4:30PM Online Register
12/09/19 - 12/12/19, 4 days, 8:30AM – 4:30PM Columbia, MD Register