NOTICE: Our payment address has changed! Click here for more info.
Federal Risk Management Framework (RMF) 2.0 Implementation, DoD/IC Edition

Chapter 1: Introduction

RMF overview
DoD- and IC- Specific Guidelines
Key concepts including assurance, assessment, authorization
Security controls

Chapter 2: Cybersecurity Policy Regulations & Framework

Security laws, policy, and regulations
DIACAP to RMF
System Development Life Cycle (SLDC)
Documents for cyber security guidance

Chapter 3: RMF Roles and Responsibilities

Tasks and responsibilities for RMF roles

Chapter 4: Risk Analysis Process

Overview of risk management
Four-step risk management process
Tasks breakdown
Risk assessment reporting and options

Chapter 5: Step 1: Categorize

Step key references and overview
Sample SSP
Task 1-1: Security Categorization
Task 1-2: Information System Description
Task 1-3: Information System Registration
Lab: The Security Awareness Agency

Chapter 6: Step 2: Select

Step key references and overview
Task 2-1: Common Control Identification
Task 2-2: Select Security Controls
Task 2-3: Monitoring Strategy
Task 2-4: Security Plan Approval
Lab: Select Security Controls

Chapter 7: Step 3: Implement

Step key references and overview
Task 3-1: Security Control Implementation
Task 3.2: Security Control Documentation
Lab: Security Control Implementation

Chapter 8: Step 4: Assess

Step key references and overview
Task 4-1: Assessment Preparation
Task 4-2: Security Control Assessment
Task 4-3: Security Assessment Report
Task 4-4: Remediation Actions
Task 4-5: Final Assessment Report
Lab: Assessment Preparation

Chapter 9: Step 5: Authorize

Step key references and overview
Task 5-1: Plan of Action and Milestones
Task 5-2: Security Authorization Package
Task 5-3: Risk Determination
Task 5-4: Risk Acceptance
DoD Considerations
Lab Step 5: Authorize Information Systems

Chapter 10: Step 6: Monitor

Step key references and overview
Task 6-1: Information System & Environment Changes
Task 6-2: Ongoing Security Control Assessments
Task 6-3: Ongoing Remediation Actions
Task 6-4: Key Updates
Task 6-5: Security Status Reporting
Task 6-6: Ongoing Risk Determination & Acceptance
Task 6-7: Information System Removal & Decommissioning
Continuous Monitoring
Security Automation Domains
Lab: Info System & Environment Changes

Chapter 11: DoD/IC RMF Implementation

eMASS
RMF Knowledge Service
DoD/IC Specific Documentation
RMF within DoD and IC process review

Appendix A: Supplement Reference

Appendix B: Acronym Reference

Appendix C: RMF Process Checklists by Step

Appendix D: Answer Keys

Answers to Review Questions
Lab Exercise Answers

Federal Risk Management Framework (RMF) 2.0 Implementation, DoD/IC Edition, focuses on the Risk Management Framework prescribed by NIST Standards. This edition focuses on RMF as implemented within the Department of Defense (DoD) and Intelligence Communities (IC).

This course can also be used to aid in preparation for the ISC2 Certified Authorization Professional (CAP) exam, although it does not cover 100% of the CAP exam requirements. If your goal is primarily to prepare for the CAP Exam, you should use our course, Federal Risk Management Framework (RMF) 2.0 Implementation with CAP Exam Review.

This course is current as of March 2019. It was revised due to NIST producing new and updated publications over the preceding two years, including SP 800-37, rev. 2; SP-800-53, rev. 5; SP 800-160, V1 and V2; and SP 800-171, rev. 1 (among others). It was also revised due to additional DoD updates to DODI 8510.01. Downloadable ancillary materials include a study guide and a references and policies handout.

The printed courseware comes with a CD of reference materials including sample documents, NIST publications, and regulatory documents. Downloadable ancillary materials include a study guide and a references and policies handout. Instructors will also be given access to an exam with answer key.

Federal Risk Management Framework (RMF) 2.0 Implementation, DoD/IC Edition

  • Product Code: RMFD20-R10-
  • Availability: In Stock
  • $115.00

Build Your Solution

Tags: RMF, risk, management, framework, C&A, FISMA, DOD, IC, NIST, CAP, information, security, federal, defense, government, framework