Attention:  CISA Learning is now available!  If you are an EXTERNAL (non-CISA) user access the new system using this url: CISA Learning. The Federal Virtual Training Environment (FedVTE) has been permanently decommissioned and replaced by CISA Learning. Please reference the CISA Learning page for the latest information. Please note: CISA Users (staff and contractors) should access CISA Learning through the internal site. You should have received an email on December 4, 2024, titled “CISA Learning is LIVE!” with more information.

Knowledge ID: K0920

Knowledge of risk management policies and procedures

Work roles with this Knowledge

  • Product Support Management

    NICE Framework ID: OG-WRL-009

    Responsible for planning, estimating costs, budgeting, developing, implementing, and managing product support strategies in order to field and maintain the readiness and operational capability of systems and components.

  • Program Management

    NICE Framework ID: OG-WRL-010

    Responsible for leading, coordinating, and the overall success of a defined program. Includes communicating about the program and ensuring alignment with agency or organizational priorities.

  • Secure Project Management

    NICE Framework ID: OG-WRL-011

    Responsible for overseeing and directly managing technology projects. Ensures cybersecurity is built into projects to protect the organization’s critical infrastructure and assets, reduce risk, and meet organizational goals. Tracks and communicates project status and demonstrates project value to the organization.

  • Secure Software Development

    NICE Framework ID: DD-WRL-003

    Responsible for developing, creating, modifying, and maintaining computer applications, software, or specialized utility programs.

  • Software Security Assessment

    NICE Framework ID: DD-WRL-005

    Responsible for analyzing the security of new or existing computer applications, software, or specialized utility programs and delivering actionable results.

  • Systems Requirements Planning

    NICE Framework ID: DD-WRL-006

    Responsible for consulting with internal and external customers to evaluate and translate functional requirements and integrating security policies into technical solutions.

  • Systems Security Analysis

    NICE Framework ID: IO-WRL-006

    Responsible for developing and analyzing the integration, testing, operations, and maintenance of systems security. Prepares, performs, and manages the security aspects of implementing and operating a system.

  • Exploitation Analysis

    NICE Framework ID: CE-WRL-003

    Responsible for identifying access and intelligence collection gaps that can be satisfied through cyber collection and/or preparation activities. Leverages all authorized resources and analytic techniques to penetrate targeted networks.