RMF for DoD IT Fundamentals (1 Day) provides an overview of information security and risk management and proceeds to a high-level view of RMF for DoD IT. Discussion is centered on RMF for DoD IT policies, roles and responsibilities, along with key publications from DoD, the National Institute of Standards and Technology (NIST) and the Committee on National Security Systems (CNSS). The class includes high-level discussion of the RMF for DoD IT “life cycle”, including security authorization (aka. certification and accreditation), along with the RMF documentation package and security controls. Policies Covered: NIST SP 800-37 NIST SP 800-53 NIST SP 800-137 NIST SP 800-60 DoDI 8500.01 DoDI 8510.01 CNSSI 1253
The objectives of RMF for DoD Fundamentals is to provide program managers and others with a high level understanding of the risk management framework including key terminology and process.