Federal Risk Management Framework (RMF) Implementation 2022 focuses on the Risk Management Framework prescribed by NIST Standards. The course can also be used as test preparation for the ISC2 Certified Governance, Risk and Compliance – CGRC certification (previously CAP).
The 2022 edition is current as of February 2022. It was revised due to NIST producing new and updated publications over the preceding two years, including NIST Special Publication (SP) 800-37, R2; SP-800-53, R5; SP 800-160, versions 1 and 2; and SP 800-171, R1 (among others).
The course comes with a disk of reference materials including sample documents, NIST publications, and regulatory documents. Downloadable ancillary materials including a study guide and a References and Policies handout.
Learning Objectives
- Cybersecurity Policy Regulations and Framework
- RMF Roles and Responsibilities
- Risk Analysis Process
- Step 1: Categorize
- Step 2: Select
- Step 3: Implement
- Step 4: Assess
- Step 5: Authorize
- Step 6: Monitor
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Competency Areas
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.