ISCM Fundamentals is a one-day supplemental training program that focuses on Information Security Continuous Monitoring, a cornerstone of the Risk Management Framework (RMF). Topics include: ISCM Roles and Responsibilities ISCM Process – NIST SP 800-137 Step 1 – Define Strategy Step 2 – Establish ISCM Program Step 3 – Implement Step 4 – Analyze and Report Step 5 – Respond to Findings Step 6 – Review and Update ISCM Technologies ISCM Challenges & Pitfalls Practical Guidance on ISCM automation and support tools are provided. Student exercises, collaboration, and case studies are used to reinforce the concepts taught in the class. The course content of Information Security Continuous Monitoring (ISCM) is geared to meet the needs of a diverse audience covering the spectrum of management, operational and technical roles. Students will gain thorough knowledge of the theory and policy background underlying continuous monitoring as well as the practical knowledge needed for effective implementation. Policies Covered: NIST SP 800-37 NIST SP 800-53 NIST SP 800-137 NIST SP 800-60 CNSSI 1253
Learning Objectives
To assist students with the knowledge and development of step 6 of the Risk Management Framework in accordance with NIST SP 800-37 and NIST SP 800-137.
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Competency Areas
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@hq.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.