In a virtual lab system, students execute the NIST RMF Steps 1-3: Categorization, Security Control Selection, and Security Control Assessment; and complete the associated analysis and documentation, as required by NIST/FedRAMP/CMMC
Learning Objectives
Prepare and develop a Security Assessment Plan (SAP)|Create a Security Assessment Report (SAR)|Develop a Plan of Action and Milestones (POA&M)|Compile and submit and Authorization to Operate (ATO) package|Implement the Information Security Continuous Monitoring (ISCM) processes|Update Systems Security Plan (SSP) utilizing selected controls and overlays|Draft Risk Management Framework (RMF) transition strategy|Reason analytically and apply framework across interdisciplinary boundaries to solve problems and create innovative solutions|Collect, interpret and analyze existing research and/or resources, and use in risk management processes|Communicate and negotiate effectively in business and professional settings