• Online, Self-Paced
Course Description

This course introduces the NIST Cybersecurity Framework (NIST-CSF).

The Framework is a risk-based approach to managing cybersecurity and is composed of three parts: Framework Core, Framework Implementation Tiers, and Framework Profiles. Each Framework component reinforces the connection between business drivers and cybersecurity activities.

This course discusses how an organization can use the Framework as a key part of its systematic process for identifying, assessing, and managing cybersecurity risk.

The Framework is not intended to replace existing processes; an organization can use its current process and overlay it onto the Framework to determine gaps in its current approach and to develop a roadmap for improvement.

Using the Framework as a cybersecurity risk management tool, an organization can determine activities that are most important to critical service delivery and prioritize expenditures to maximize the impact of the investment.

This course is supplemented by a student book to enhance the learning experience.

The desired or expected outcome is a fundamental understanding of the NIST-CSF and preparation to sit the NCSP Foundation exam.

Learning Objectives

1|22|28

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cybersecurity Management
  • Risk Management
  • Strategic Planning and Policy
  • Training, Education, and Awareness

Specialty Areas have been removed from the NICE Framework. With the recent release of the new NICE Framework data, updates to courses are underway. Until this course can be updated, this historical information is provided to give better context as to how it can help you with your cybersecurity goals.