RMF is the unified information security framework for the entire federal government that is replacing the legacy Certification and Accreditation (C&A) processes within federal government departments and agencies, the Department of Defense (DOD) and the Intelligence Community (IC).
Learning Objectives
Information Security Concepts Security Authorization (Ciampa) Concepts and Standards Introduction to FISMA and RMF Introduction to RMF for DoD IT DoD, NIST and CNSS Publications Life-Cycle Activities (DoDI 8510.01 and NIST SP 800-37) Documentation NIST Security Controls (NIST SP 800-53 Rev. 4) RMF Resources and Tools (incl. Knowledge Service, eMASS)Transition from DIACAP to RMF DoD, NIST and CNSS Publications Roles and Responsibilities System Boundary Definition RMF for DoD IT Process (DoDI 8510.01)RMF Life Cycle (NIST SP 800-37)RMF for DoD IT Documentation System Categorization and Security Control Selection (CNSSI 1253) NIST Security Controls (SP 800-53 Rev. 4), implementation and assessment RMF Resources and Tools Security Testing Tools DIACAP to RMF Transition Strategy and Implementation
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):