Module 1: Federal IT Security Professional - Manager
Section A: IT Security Training and Certification
Section B: Objectives, Expectations, and Introductions
Section C: FITSP-M Courseware Logistics
Module 2: Federal Laws, Mandates, and Standards
Section A: Public Law and Acts
Section B: Office of Management and Budget (OMB)
Section C: Dept. of Homeland Security/Presidential Directives
Section D: National Institute of Standards and Technology
Module 3, Part 1: Risk Management Framework
Section A: SP 800-37r2, Part 1
Section B: SP 800-37r2, Part 2
Section C: Roles and Responsibilities
Section D: Steps in the RMF Process
Module 3, Part 2: Information System Continuous Monitoring
Section A: RMF Step 6
Section B: Continuous Monitoring Trends
Section C: ISCM Guidelines
Section D: Automation
Section E: CM Implementation
Module 4: NIST Special Publications
Module 5: NIST Federal Information Processing Standards (FIPS)
Module 6, Part 1: NIST Control Families
Section A: Security Architectures
Section B: Security Control Overview by Family
Module 6, Part 2: Security Control Families (CP, IA, IR, MA, MP)
Section A: Security Control Classification
Section B: Contingency Planning
Section C: Identification and Authentication
Section D: Incident Response
Section E: System Maintenance
Section F: Media Protection
Module 6, Part 3: Security Control Families (PE, PL, PM, PS, PT)
Section A: Physical & Environmental Protection
Section B: Planning
Section C: Program Management
Section D: Personnel Security
Section E: PII Processing & Transparency
Module 6, Part 4: Security Control Families (RA, SA, SC, SI, SR)
Section A: Risk Assessment
Section B: System and Services Acquisition
Section C: System & Communications Protection
Section D: Systems Integrity
Section E: Supply Chain Risk Management
Module 7: NIST Interagency and Internal Reports
FULLY UPDATED as of September 2024!
The purpose of the FITSI certification program is to validate the skills of IT security professionals against NIST standards and documentation. The certification allows the individual to demonstrate their knowledge of IT standards set by NIST publications and thus making a minimum of competency easily identifiable to those in the industry. The FITSP-Manager certification is intended for Federal workforce personnel, both Federal employees and contractors, whose role is primarily focused on the management and oversight of systems owned by, or operated on behalf of, the Federal government of the United States.