Chapter 1: Introduction to RMF

Module A: RMF overview
Module B: Cybersecurity policy regulations and framework
Module C: RMF roles and responsibilities

Chapter 2: Risk analysis    

Module A: Risk management    
Module B: Risk assessment and the RMF process    

Chapter 3: The RMF process    

Module A: Step 0—Prepare    
Module B: Step 1—Categorize    
Module C: Step 2—Select    
Module D: Step 3—Implement    
Module E: Step 4—Assess    
Module F: Step 5—Authorize    
Module G: Step 6—Monitor    

Chapter 4: DoD RMF–specific areas    

Module A: eMASS    
Module B: DoD CYBER.MIL site and resources    
Module C: Continuous Monitoring and Risk Scoring (CMRS)    
Module D: RMF Knowledge Service (RMFKS)    
Module E: Joint SAP Implementation Guide (JSIG) for RMF    
Module F: ICD-503    
Module G: Service updates and adjustments to RMF for DoD IT    

Appendices    

Appendix A: Supplemental Reference    
Appendix B: RMF Review and Steps Checklists    
Appendix C: Acronym Reference    
Appendix D: Answer Key—Chapter 3 Lab Exercises    

Risk Management Framework (RMF) for DoD/IC Implementation 2025 focuses on the Risk Management Framework prescribed by NIST Standards and prescribed by DoD CIO Office. This course is current as of August 2025. It was revised due to NIST producing new and updated publications over the preceding five years, including NIST Special Publication (SP) 800-37 R2; SP-800-53 R5; SP 800-53A R5, SP 800-53B, SP 800-160, versions 1 and 2; and DODI 8500.01, DODI 8510.01, CNSSI-1253 (among others).

For more information and access to the PowerPoint files, please e-mail sales@30bird.com.