• Course
  • Vendor
  • Guaranteed To Run

Federal Risk Management Framework (RMF) Implementation 4.0 focuses on the Risk Management Framework prescribed by NIST Standards. GK# 6864

  • Course Start Date: 2025-02-18
  • Time: 08:00:00 - 16:00:00
  • Duration: 4 days 08:00 AM - 04:00 PM
  • Location: Virtual
  • Delivery Method(s): Virtual Instructor Led
$3,685.50
REGULAR PRICE $4,095.00 Save $409.50
2 discount seats left!
or make an offer

Course Outline

Lessons

Federal Risk Management Framework (RMF) Implementation 4.0 focuses on the Risk Management Framework prescribed by NIST Standards. The course can also be used as test preparation for the ISC2 Certified Authorization Professional (CAP) certification.

The 4.0 edition of the course is current as of August 2017. This edition incorporates the revisions to NIST Special Publications (SP 800-160, 800-171, 800-53, etc.), the development and publication of the CNSSI-1253, change 2 and CNSSI-1254 for the IC, additional NIST Special Publications produced to support RMF steps and activities, and the passage of FISMA 2014, as well as practical experience as SCA and ISSE for over 10 ATO efforts under RMF over the past several years.

The course comes with a disk of reference materials including sample documents, NIST publications, and regulatory documents. Downloadable ancillary materials including a study guide and a References and Policies handout. Instructors will also have access to an exam with answer key.

WHAT YOU'LL LEARN
  • Cybersecurity Policy Regulations and Framework
  • RMF Roles and Responsibilities
  • Risk Analysis Process
  • Step 1: Categorize
  • Step 2: Select
  • Step 3: Implement
  • Step 4: Assess
  • Step 5: Authorize
  • Step 6: Monitor

OUTLINE
Introduction
  • Introductions
  • About the CAP exam
  • Table of Contents
Chapter 1: Introduction
  • RMF overview
  • Key concepts including assurance, assessment, authorization
  • Security controls
Chapter 2: Cybersecurity Policy Regulations and Framework
  • Security laws, policy, and regulations
  • Documents for cyber security guidance
  • Assessment and Authorization transformation goals
Chapter 3: RMF Roles and Responsibilities
  • Tasks and responsibilities for RMF roles
Chapter 4: Risk Analysis Process
  • Four-step risk management process
  • Impact level
  • Level of risk
  • Effective risk management options
Chapter 5: Step 1: Categorize
  • Step 1 key references
  • Sample SSP
  • Task 1-1: Security Categorization
  • Task 1-2: Information System Description
  • Task 1-3: Information System Registration
  • Lab Step 1: Categorize
Chapter 6: Step 2: Select
  • Step 2 key references
  • Task 2-1: Common Control Identification
  • Task 2-2: Select Security Controls
  • Task 2-3: Monitoring Strategy
  • Task 2-4: Security Plan Approval
  • Lab Step 2: Select Security Controls
Chapter 7: Step 3: Implement
  • Step 3 key references
  • Task 3-1: Security Control Implementation
  • Task 3.2: Security Control Documentation
  • Lab Step 3: Implement Security Controls
Chapter 8: Step 4: Assess
  • Step 4 key references
  • Task 4-1: Assessment Preparation
  • Task 4-2: Security Control Assessment
  • Task 4-3: Security Assessment Report
  • Task 4-4: Remediation Actions
  • Lab Step 4: Assessment Preparation
Chapter 9: Step 5: Authorize
  • Step 5 key references
  • Task 5-1: Plan of Action and Milestones
  • Task 5-2: Security Authorization Package
  • Task 5-3: Risk Determination
  • Task 5-4: Risk Acceptance
  • Lab Step 5: Authorizing Information Systems
Chapter 10: Step 6: Monitor
  • Step 6 key references
  • Task 6-1: Information System and Environment Changes
  • Task 6-2: Ongoing Security Control Assessments
  • Task 6-3: Ongoing Remediation Actions
  • Task 6-4: Key Updates
  • Task 6-5: Security Status Reporting
  • Task 6-6: Ongoing Risk Determination and Acceptance
  • Task 6-7: Information System Removal and Decommissioning
  • Continuous Monitoring
  • Security Automation Domains
  • Lab Step 6: Monitoring Security Controls

WHO SHOULD ATTEND
Those interested in Federal Risk Management (RMF) Implementation.  Those interested in obtaining the ISC2 Certified Authorization Professional (CAP) certification.

Cancellation Policy

We require 16 calendar days notice to reschedule or cancel any registration. Failure to provide the required notification will result in 100% charge of the course. If a student does not attend a scheduled course without prior notification it will result in full forfeiture of the funds and no reschedule will be allowed. Within the required notification period, only student substitutions will be permitted. Reschedules are permitted at anytime with 16 or more calendar days notice. Enrollments must be rescheduled within six months of the cancel date or funds on account will be forfeited.

Training Location

Online Classroom
your office

your city, your province
your country   

About Global Knowledge

x

Global Knowledge is the world's leading learning services and professional development solutions provider. We deliver learning solutions to support customers as they adapt to key business transformations and technological advancements that drive the way that organizations around the world differentiate themselves and thrive. Our learning programs, whether designed for a global organization or an individual professional, help businesses close skills gaps and foster an environment of continuous talent development.

Training Provider Rating

This vendor has an overall average rating of 4.38 out of 5 based on 431 reviews.

I would never take another course that starts at 11AM and goes to 9PM again. The way the course was laid out really took away from ... Read more
x

I would never take another course that starts at 11AM and goes to 9PM again. The way the course was laid out really took away from the capturing of what was presented as it was 5-6 hours of watching a screen before getting to the actual labs. There has to be a better way to lay out this particular course. In my previous course, the lectures were broken up by labs which worked out fantastic and kept you engaged in the course. There were days when in order to actually complete the labs, would go over the 9PM day end time frame. Was able to get the primary labs done, but if you want to get all the content completed, you cannot complete it in the window of this course, you will need to come back on your own time.

No comment
No comment
Instructor was great
No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
No comment
Wasn’t as advanced as I thought it would be. There was an issue when the day my course was the first time they used a new platfo ... Read more
x

Wasn’t as advanced as I thought it would be. There was an issue when the day my course was the first time they used a new platform.. from adobe to something called zoom; I had to call support line cause it stated our instructor wasn’t present. Thankfully I called cause everyone online was in the adobe virtual classroom waiting for what looked like a teacher who didn’t show up for class (IT didn’t get anything resolved until 10mins after start time). I felt like he was really getting hung up on very basic knowledge for the first half of the course (talking about how to create tabs and drag formulas as an example). I completed files a few times before he was done explaining. There was a scheduled fire drill for them (roughly 30mins)that also cut into our time, which wasn’t deducted from the hour lunch break or the two, fifteen min breaks. I also really wish he touched base more on the automating workbook functions portion which we barely did. I'm happy there were/are those study guides (learning videos) and exams to take on my own time that I hope after I've had the class are still available for me to learn from.

Course Reviews

No Reviews Yet

More Courses from Global Knowledge

GLOBAL KNOWLEDGE
2025-06-23
Virtual
GLOBAL KNOWLEDGE
2025-07-07
Virtual
GLOBAL KNOWLEDGE
2025-07-01
Virtual

More Courses in 'Risk Management Training' Category

GLOBAL KNOWLEDGE
2025-03-24
Virtual