Risk Management

Course Description

The National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) provides a mechanism to inform risk decisions and improve cybersecurity. As federal government and private industry transition to RMF, a broad understanding of the entire process eases adoption challenges.

Informative lectures provide in-depth knowledge concerning risk-management concepts, policies, and roles defined by relevant Department of Defense (DoD), NIST, and Committee on National Security Systems publications.

The seven-step life cycle process is explored through presentations and hands-on exercises as attendees learn the steps involved to prepare for RMF, categorize information systems, select security controls, implement controls, assess controls, authorize information systems, and monitor the security controls.

Who Should Attend

This course is designed for Department of Defense (DoD) employees, contractors, program managers, risk professionals, IT managers, and private industry practitioners who wish to understand the RMF.

What You Will Learn

• RMF overview
• Roles and responsibilities
• Tasks of the RMF seven-step process
• Types of documentation included in RMF packages
• Security control families