1. Training
  2. Education & Training Catalog
  3. Test Pass Academy, LLC.
  4. RMF - Risk Management Framework for the DoD

RMF - Risk Management Framework for the DoD

This is an intense, 3-day instructor-led RMF - Risk Management Framework for the DoD Course. The RMF was developed by the National Institute for Standards and Technology (NIST) to help organizations manage risks to and from Information Technology (IT) systems more easily, efficiently and effectively. The selection and specification of security controls for an information system is accomplished as part of an organization-wide information security program that involves the management of organizational risk. The risk to the organization or to individuals associated with the operation of an information system. The management of organizational risk is a key element in the organization's information security program and provides an effective framework for selecting the appropriate security controls for an information system, the security controls necessary to protect individuals and the operations and assets of the organization. This boot camp is geared for the Government, Military and Contractors seeking 8140 compliance. Classes are scheduled across the USA and also live online.

Have a group of 5 or more people? Let us know and we can deliver a PRIVATE SESSION at your location.

Training includes:

  • The RMF Training in the Industry
  • Instruction by a High-Level Certified RMF Expert
  • Risk Management Courseware - continually updated
  • Practice and skill development
  • (ISC)2 CGRC Exam can be added
  • Class hours: 8:30 - 4:30 daily
  • Snacks and beverages provided daily
  • Follow on Course - (ISC)2 CISSP
  • This class also lines up with the (ISC)2 CGRC exam objectives

Course Overview

Overall Proficiency Level
2 - Intermediate
Course Catalog Number
RMFDoD
Course Prerequisites

Information assurance and IT security or information risk management. Certification, system testing and continuous monitoring. Systems Administration or 1 - 2 years of general technical experience. Two years of general systems experience or Information Security Policy.

Training Purpose
Management Development
Specific Audience
Federal Employee
Contractor
Academia
General Public
Delivery Method
Classroom
Online, Instructor-Led
Course Locations

Boca Raton, FL

San Diego, CA

Colorado Springs, CO

Columbia, MD

Los Angeles, CA

Dulles, VA

Huntsville, AL

  • Classroom
  • Online, Instructor-Led

Learning Objectives

Upon completion of the RMF - Risk Management Framework Course, you will demonstrate competence and learn to master:

  • DoD and Intelligence Community specific guidelines
  • Key concepts including assurance, assessment, authorization, security controls
  • Cybersecurity Policy Regulations and Framework Security laws, policy, and regulations
  • DIACAP to RMF transition, ICD 503, CNSSI-1253, SDLC and RMF
  • Documents for cyber security guidance
  • RMF Roles and Responsibilities, Tasks and responsibilities for RMF roles, DoD RMF roles
  • Risk Analysis Process DoD organization-wide risk management, RMF steps and tasks, RMF vs. C&A
  • Categorize Step 1 key references Sample SSP: Security Categorization, Information System Description, Information System Registration Registering a DoD system
  • Select Step 2 key references: Common Control Identification, Select Security Controls, Monitoring Strategy, Security Plan Approval, Select Security Controls
  • Implement Step 3 key references: Security Control Implementation, Security Control Documentation, Implement Security Controls
  • Assess Step 4 key references About Assessment: Assessment Preparation, Security Control Assessment, Security Assessment Report, Remediation Actions, Assessment Preparation
  • Authorize Step 5 key references: Plan of Action and Milestones, Security Authorization Package, Risk Determination, Risk Acceptance, Authorizing Information Systems
  • Monitor Step 6 key references: Information System and Environment Changes, Ongoing Security Control Assessments, Ongoing Remediation Actions, Key Updates, Security Status Reporting, Ongoing Risk Determination and Acceptance, Information System Removal and Decommissioning Continuous Monitoring Security Automation, Monitoring Security Controls
  • RMF for DoD and Intelligence Community, eMASS, RMF Knowledge Service, DoD 8510.01, DFAR 252.204-7012, ICD 503, CNSSI-1253, FedRAMP, RMF within DoD and IC process review

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Feedback

If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov(link sends email). Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.

Last Published Date:

You have been selected to participate in a brief survey about your experience today with National Initiative for Cybersecurity Careers and Studies.

Would you like to participate in our survey?

If you accept you will be leaving the National Initiative for Cybersecurity Careers and Studies website and going to a third party site.
That site may have different privacy, security and accessibility policies than the National Initiative for Cybersecurity Careers and Studies site.
National Initiative for Cybersecurity Careers and Studies does not endorse any commercial products, services, programs or content on the third party website.
Thank you for visiting our site. We hope your visit was informative and enjoyable.