RMF Training DESCRIPTION

image1

 

Our RMF Training is more than the high level RMF description and terms training that is offered by most of our competitors. We keep our groups as small as possible to allow in-depth discussions on how you will implement RMF when you return meaning that there will be maximum student participation.


Our training has unique characteristics that separate us from the competition.  Our  primary instructor has hands in experience in every aspect of RMF and has been deeply involved with several high profile RMF projects.  The primary instructor has also served time working side by side with Authorizing Officials (AO), Designated Authorizing Officials (DAO) and Security Control Assessors (SCA). Primary instructor has reviewed countless security authorization artifacts, conducted several official security control assessments on NSS systems, and has even trained other SCAs on how to properly assess information systems.  


 

.

RMF COURSE CURRICULUM

image2

Our curriculum covers the entire RMF schema in a simplified linear method that ensures all areas are covered in-depth.


STEP 1 CATEGORIZE 

TASK 1-1:  Categorize Information System 

TASK 1-2:  Information System Description 

TASK 1-3:  Information System Registration 


STEP 2 SELECT SECURITY CONTROLS 

TASK 2-1:  Identify Common Controls 

TASK 2-2:  Select Security Controls 

TASK 2-3:  Monitoring Strategy 

TASK 2-4:  System Security Plan Approval 


STEP 3 IMPLEMENT SECURITY CONTROLS 

TASK 3-1:  Implement Security Controls 

TASK 3-2:  Security Control Documentation 


STEP 4 ASSESS 

TASK 4-1:  Prepare for Assessment 

TASK 4-2:  Security Control Assessment 

TASK 4-3:  Security Assessment Report 

TASK 4-4:  Remediation Actions 


STEP 5 AUTHORIZE TASK 

TASK 5-1:  Plan of Action and Milestones 

TASK 5-2:  Security Authorization Package 

TASK 5-3:  Risk Determination 

TASK 5-4:  Risk Acceptance 


STEP 6 MONITOR 

TASK 6-1:  Determine Security Impact 

TASK 6-2:  Ongoing Security Control Assessments

TASK 6-3:  Remediation Actions 

TASK 6-4:  Key Updates 

TASK 6-5:  Security Status Reporting 

TASK 6-6:  Ongoing Risk Determination and Acceptance 

TASK 6-7:  Information System Removal and Decommissioning

RSG UPCOMING Events

No upcoming events.

PAY FOR TRAINING HERE