• Online, Self-Paced
Course Description

Security categorization provides a structured way to determine the criticality and sensitivity of the information being processed, stored, and transmitted by an information system. This course provides learners with an understanding of how to categorize the system and the information using the NIST SP 800-37 Rev. 2 Risk Management Framework.

Learning Objectives

On successful completion of this course, learners should have the knowledge and skills required to:

  • Identify all information types based on the system boundary
  • Categorize information processed, stored, or transmitted by the potential adverse impact that information can be compromised as it regards to confidentiality, integrity or availability
  • Ensure the security categorizations are consistent with roles, operating environment, connectivity and intended use

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.