Risk Management Framework (RMF) (AA-RMF)

Federal Risk Management Framework (RMF) Implementation 2022 focuses on the Risk Management Framework prescribed by NIST Standards. The course can also be used as test preparation for the ISC2 Certified Governance, Risk and Compliance ñ CGRC certification (previously CAP).

The 2022 edition is current as of February 2022. It was revised due to NIST producing new and updated publications over the preceding two years, including NIST Special Publication (SP) 800-37, R2; SP-800-53, R5; SP 800-160, versions 1 and 2; and SP 800-171, R1 (among others).

The course comes with a disk of reference materials including sample documents, NIST publications, and regulatory documents. Downloadable ancillary materials including a study guide and a References and Policies handout.

Chapter 1: RMF, cybersecurity policy regulations, and roles and responsibilities

• Module A: Introduction to RMF
• Module B: Cybersecurity policy regulations and framework
• Module C: RMF roles and responsibilities

Chapter 2: Risk analysis

• Module A: Risk management
• Module B: Risk assessment and the RMF process

Chapter 3: The RMF process

• Module A: Step 0óPrepare
• Module B: Step 1óCategorize
• Module C: Step 2óSelect
• Module D: Step 3óImplement
• Module E: Step 4óAssess
• Module F: Step 5óAuthorize
• Module G: Step 6óMonitor

Appendices

• Appendix A: Supplemental reference
• Appendix B: RMF review and steps checklists
• Appendix C: Acronym reference
• Appendix D: Answer keyóChapter 3 lab exercises

• Cybersecurity Policy Regulations and Framework
• RMF Roles and Responsibilities
• Risk Analysis Process
• Step 1: Categorize
• Step 2: Select
• Step 3: Implement
• Step 4: Assess
• Step 5: Authorize
• Step 6: Monitor

Do you have more questions? We're delighted to assist you!

Those interested in Federal Risk Management (RMF) Implementation. Those interested in obtaining the ISC2 Certified Authorization Professional (CAP) certification.