Invite Some friends!

Thanks for inviting your friends. Please try other network if you wish.

The Risk Management Framework – Part 2

Invite Friends
Facebook Twitter Google+ LinkedIn Email

All Information Should Be Free

Join today and get unlimited free access to the industry's best cyber security training and content.

JOIN CYBRARY

Already a member? Login to View this Lesson

Skill Certifications are the newest resume builder.
Take your first Skill Certification FREE with code: FREESCT1
The Risk Management Framework – Part 2

In this lesson, Subject Matter Expert (SME) Kelly Handerhan discusses NIST Special Publication (SP) 800-37, “Guide for the Security Certification and Accreditation of Federal Information Systems”, that was created as part of NIST’s responsibility under FISMA to develop standards and guidelines for the requirements and process steps for the certification, accreditation, and monitoring of information systems.

Handerhan explains the use and usefulness of other NIST SP documents in the RMF process.

You will learn:

  • the six Risk Management Framework (RMF) phases
  • the role of the Information System Owner
  • when and how to create and update the System Security Plan (SSP)
  • how to develop a Plan of Actions and Milestones (POAM) to document weaknesses and vulnerabilities and to set mitigation milestones
  • how to develop a Minimum Security Baseline (MSB)
  • how to select and implement security control activities
  • documentation requirements and methods
  • contingency planning for federal agency systems’ continuity (“systems” goes beyond just computer systems)
  • how to develop a Business Impact Analysis
  • the three phases of continuity
  • the differences between recovery and reconstitution
  • rules and responsibilities of the incident response team in a contingency environment
  • incident analysis and returning to an operational state
  • understanding and using the “plan, do, check, act” model

THE DISCUSSION OF IMPORTANT RMF DOCUMENTS AND USING THE RMF CONTINUES IN LESSON 2.

 

 

Watch the Course Intro Video
Learn on the go.
The app designed for the modern cyber security professional.
Get it on Google PlayGet it on the App Store
Upcoming Industry Events

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

Cybrary|0P3N

Best Security Podcasts for 2017
Views: 121 / January 17, 2017
How to Protect Online Privacy
Views: 126 / January 17, 2017
SQL Injection: Best practices and projects
Views: 3371 / January 16, 2017
Visibility is the New Stealth!
Views: 2496 / January 15, 2017
Skip to toolbar
Cybrary works best if you switch to our Android-friendly app
Continue

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel