FITSP - Auditor R2.0

Module 1: FITSP-Auditor

   Objectives, Expectations, and Introductions

   Security Certifications Exams

   FITSP-Auditor Courseware Logistics

Module 2: Government Laws

   Congress and the President

   National Institute of Standards and Technology (NIST)

   Office of Management and Budget (OMB)

   Department of Homeland Security (DHS)

   Health and Human Services (HHS)

Module 3: Risk Management Framework

   SP 800-37R1: Guide for Applying the Risk Management Framework to Federal Information Systems

   Risk Management Framework (RMF)

   Roles and Responsibilities

   Steps in the RMF Process

Module 4: Gap Analysis

   Security Categorization

   Documentation – System Security Plan

   Security Control Baseline

Module 5: Security Assessments

   Assessment Foundation

   Planning for Assessments

   Conducting and Reporting

Module 6: Authorizing Information Systems

   Assessment and Authorization Tasks

   Authorization Elements

Module 7: Information System Continuous Monitoring

   Continuous Monitoring Trends

   CM Guidelines, SP 800-137


   CM Implementation

Module 8: Security Control Families—Management

   Open Security Architecture Landscape

   Control Families in the Computing Environment

   Security Control Overview

   NIST Document Review Strategy

   Program Management (PM)

   Security Assessment and Authorization (CA)

   Planning Family (PL)

   Privacy Controls Family

   Risk Assessment (RA)

   System and Services Acquisition (SA)

   Information Security Program Plan

   Critical Infrastructure Plan

   Capital Planning and Investment Control (CPIC)

   Metrics Development Process

   Federal Enterprise Architecture

Module 9: Security Control Families—Technical

   Audit and Accountability (AU)

   Identification and Authentication (IA)

   System and Communications Protection (SC)

   Access Control (AC)

   Wireless Protocols

Module 10: Security Control Families—Operational

   Awareness and Training (AT)

   Configuration Management (CM)

   Contingency Planning (CP)

   Incident Response (IR)

   System Maintenance (MA)

   Media Protection (MP)

   Personnel Security (PS)

   Physical and Environmental Protection (PE)

   Systems Integrity (SI)


The purpose of the FITSI certification program is to validate the skills of IT security professionals against NIST standards and documentation. The FITSP-Auditor certification is designed to demonstrate that Federal workforce personnel, both Federal employees and contractors, possess the knowledge of Federal IT security requirements necessary to successfully audit and review the management, operational, and technical IT security controls for systems owned by, or operated on behalf of, the Federal government.

Updated for new regulations, November 2017.


  • Product Code: FAUD-R20-
  • Days of Training: 3

Tags: federal, defense, government, auditor, security, IT, FITSP, NIST, framework