• Classroom
Course Description

The Risk Management Framework Course is an intensive 4 day training experience led by seasoned IS Security professionals. It provides the student with a broad understanding of IS Security policy, principles, rules, and procedures. The course is based upon the three principal guidelines for DoD and intelligence community IS Security: ICD 503\Risk Management Framework, Joint Special Access Program Implementation Guide (JSIG), Risk Management Framework for DoD Information Technology (IT).

Learning Objectives

At the completion of this course the student will be able to:

  1. Explain the C&A transformation from DCID/JAFAN 6/3 to the RMF process
  2. Understand the Roles and Responsibilities in the RMF process
  3. Understand the Six Risk Management Framework steps
  4. Understand Impact values
  5. Authorization Artifacts and Body of Evidence (BOE) requirements
  6. Understand Administrative and Non-Technical Security features
  7. Understand Technical Security features

Framework Connections