Risk Management Framework for DoD Security Controls Assessors Training (SCA)
|Commitment||4 days, 7-8 hours a day.|
|How To Pass||Pass all graded assignments to complete the course.|
|User Ratings||Average User Rating 4.8 See what learners said|
|Delivery Options||Instructor-Led Onsite, Online, and Classroom Live|
Risk Management Framework for DoD Security Controls Assessors Training (SCA) Course – Hands-on
This 4-day Risk Management Framework for DoD Security Controls Assessors Training (SCA) course concentrates on methods used to validate DoD IA Controls as contained in NIST 800-53, Rev. 4 and CNSSI 1253. Discussion areas include an overview of the RMF for Intelligence Communities and DoD Security Controls Assessors, the DoD-defined information system types and the associated security concerns, vulnerability scanning, DoD-approved automated scanning tools, and many more.
The course provides an in-depth explanation of each control identified in NIST 800-53, Rev. 4 and CNSSI 1253 to include the appropriate testing method, associated supporting evidence (known as artifacts), and how to more efficiently and effectively test and validate DoD systems and infrastructure. The curriculum will prepare the ACA to test against the DoD IA controls using manual and automated procedures in accordance with the standards set forth by the Department.
- We can adapt this training course to your group’s background and work requirements at little to no added cost.
- If you are familiar with some aspects of this training course, we can omit or shorten their discussion.
- We can adjust the emphasis placed on the various topics or build the training around the mix of technologies of interest to you (including technologies other than those included in this outline).
- If your background is nontechnical, we can exclude the more technical topics, include the topics that may be of special interest to you (e.g., as a manager or policy-maker), and present the training course in manner understandable to lay audiences.
The target audience for this training course:
Risk Management Framework for DoD Security Controls Assessors Training (SCA) Course – Class Prerequisites
The knowledge and skills that a learner must have before attending this training course are:
- This class is intended for individuals with in-depth knowledge of information systems and the FISMA/CNSS/DIACAP authorization process. It is recommended to take the FISMA/NIST/CNSS 3 or 4-day as a prerequisite class or have at least 3 years of experience in DoD A&A.
Risk Management Framework for DoD Security Controls Assessors Training (SCA) Course – Objectives:
Upon completing this training course, learners will be able to meet these objectives:
- The curriculum will prepare the security controls assessor to understand the process for testing the NIST security controls using manual and automated tests to ensure all controls are tested properly.
Risk Management Framework for DoD Security Controls Assessors Training (SCA) – Course Content
- Introduction to the Risk Management Framework and supporting laws, standards, and regulations
- The New Lexicon
- New Requirements under FISMA 2014
- RMF Roles and Responsibilities
- Steps in the RMF Process
- NIST 800-53 Rev 4 and CNSSI 1253 Security controls requirements and validation process
- Preparing and submitting the authorization package
- Understanding and executing continuous monitoring