NICE Framework Mapping
Oversight and Governance (OG), Protection and Defense (PD)
Overview
This course is designed to equip Information System Security Officers (ISSOs) with the essential skills and tools necessary to navigate through the Risk Management Framework (RMF) process efficiently. Through a series of structured lessons, participants will learn how to effectively implement each step of the RMF, from defining the authorization boundary to drafting authorization documentation, including Security Plans, Security Assessment Plans, and Plans of Action and Milestones (POA&Ms). The course will also cover continuous monitoring planning to ensure ongoing compliance and risk management.
Prerequisites
Basic understanding of cybersecurity principles
Familiarity with the Risk Management Framework (RMF)
Prior experience in information security or related fields
Knowledge of NIST Special Publication 800-53 and other relevant NIST publications
Schedule
5 Days
Outline
Lesson 1: RMF Step 0 Exercise(s)
● Identify Organizational RMF Roles and Strategy
Lesson 2: RMF Step 1 Exercise(s)
● Draft Authorization Boundary and External Services
● Draft Categorization/FIPS 199/NIST SP 800-60
Lesson 3: RMF Step 2 Exercise(s)
● Select Applicable Security Controls
Lesson 4: RMF Step 3 Exercise(s)
● Draft Implementation Statements
Lesson 5: RMF Step 4 Exercise(s)
● Draft Security Assessment Plan
● Draft POA&M
Lesson 6: RMF Step 5 Exercise(s)
● Draft Authorization Letter
Lesson 7: RMF Step 6 Exercise(s)
● Draft Continuous Monitoring Plan