New systems and changes to existing systems are part of any organization. Today, there is heavy emphasis on the security of all major changes to an organization's technology. The National Institute of Cybersecurity Education has a specific requirement for users to learn and understand a formal Security Assessment and Authorization process. In this course, Implementing a Security Assessment and Authorization Process, you'll first learn how to approach formally assessing the security controls of a new system. Next you'll explore the approach taken to formally authorize the system prior to allowing it to become part of your organization's technology. You'll finish the course by learning how to select the correct security testing procedures from a whole library provided by NIST (National Institute for Standards in Technology). Upon completion of this course, you'll be well versed in the knowledge needed to implement and operate a security assessment and authorization process for your organization.
Learning Objectives
- Security Assessments and Authorization
- Assessment Fundamentals
- Typical Assessment Process
- Comparing Assessment Methods
- Assessing Controls
- Conformance Testing
- Presenting Your Assessment Findings
- Security Authorization
Framework Connections
Specialty Areas
- Cybersecurity Management
- Risk Management
- Test and Evaluation
- Systems Architecture
- Systems Requirements Planning
Feedback
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.