RMF for DoD/Intel Intensity 4 Day (Risk Management Framework for DoD & Intelligence Communities Information Technology (IT) Intensity 4 Day
This course equips the student with an overview of the system authorization process (also known as C&A) and the Risk Management Framework (RMF) for National Security Systems (NSS). In addition to the classroom instruction, the student will also participate in several scenario-based hands-on exercises in the implementation of the RMF using the CNSS and IC requirements to provide a clear knowledge bridge to the revised system authorization processes for those currently working with C&A for National Security Systems or for those who have limited or no C&A experience. These exercises will include the development of Systems Security Plans (SSPs), Security Assessment Reports (SARs), and Plans Of Action and Milestones (POA&Ms) for a NSS. This course meets the requirements of National Security Directive 42 (NSD-42), which outlines the roles and responsibilities for securing NSSs. The CNSS In-Depth Course will address the Federal and Intelligence Community requirements, including NIST SP 800-37, NIST SP 800-39, and CNSS 1253.