Applying the CNSS/NIST Risk Management Framework In-Depth 3 Day
Certified Committee on National Security Systems
Overview
This course equips the student with an overview of the system authorization process (also known as C&A) and the Risk Management Framework (RMF) for National Security Systems (NSS). In addition to the classroom instruction, the student will also participate in several scenario-based hands-on exercises in the implementation of the RMF to provide a clear knowledge bridge to the revised system authorization processes for those currently working with C&A for National Security Systems or for those who have limited or no C&A experience. These exercises will include the development of Systems Security Plans (SSPs), Security Assessment Reports (SARs), and Plans of Action and Milestones (POA&Ms) for a NSS. This course meets the requirements of National Security Directive 42 (NSD-42), which outlines the roles and responsibilities for securing NSSs. The CNSS In-Depth Course will address the Federal and Intelligence Community requirements, including NIST SP 800-37, NIST SP 800-39, CNSS 1199 (DRAFT), and CNSS 1253 (DRAFT).
Modules
Introduction
Module 1: Critical Definitions and Policies
Module 2: C&A Transformation/Transition Overview
Module 3: The IC and the Transformation
Module 4: Roles & Responsibilities
Module 5: Accreditation Boundary
Module 6: System Categorization
Module 7: Select Security Controls
Module 8: Implement, Document & Assess Security Controls
Module 9: Authorize Information System
Module 10: Monitor Information System
Module 11: Reciprocity
Lunarline's CNSS/NIST classes include the following takeaway items: A printed training manual, a CD with a comprehensive set of NIST and Director of National Intelligence (DNI) - approved templates, as well as copies of the guidelines, instructions, standards, and presentations discussed during the training. You will also receive a copy of the book, "The Definitive Guide to the C&A Transformation" co-authored by Lunarline's VP of Cybersecurity and CEO.
|
|
|