• Online, Self-Paced

New systems and changes to existing systems are part of any organization. Today, there is heavy emphasis on the security of all major changes to an organization's technology. The National Institute of Cybersecurity Education has a specific requirement for users to learn and understand a formal Security Assessment and Authorization process. In this course, Implementing a Security Assessment and Authorization Process, you'll first learn how to approach formally assessing the security controls of a new system. Next you'll explore the approach taken to formally authorize the system prior to allowing it to become part of your organization's technology. You'll finish the course by learning how to select the correct security testing procedures from a whole library provided by NIST (National Institute for Standards in Technology). Upon completion of this course, you'll be well versed in the knowledge needed to implement and operate a security assessment and authorization process for your organization.

Learning Objectives

  • Security Assessments and Authorization
  • Assessment Fundamentals
  • Typical Assessment Process
  • Comparing Assessment Methods
  • Assessing Controls
  • Conformance Testing
  • Presenting Your Assessment Findings
  • Security Authorization

    Framework Connections

    The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

    Specialty Areas

    • Cybersecurity Management
    • Risk Management
    • Test and Evaluation
    • Systems Architecture
    • Systems Requirements Planning

    Specialty Areas have been removed from the NICE Framework. With the recent release of the new NICE Framework data, updates to courses are underway. Until this course can be updated, this historical information is provided to give better context as to how it can help you with your cybersecurity goals.