DIARMF Training


the most in-depth course available for students needing to perform DoD risk certification, accreditation, and risk management

DIARMF Course Overview


InfoSec Institute offers the most in-depth course available for students needing to become accredited in DIARMF - Department of Defense Information Assurance Risk Management Framework. This is the most up-to-date information assurance standards you will find. This course is designed for DoD, IC, and other Federal Government employees and contractors. You will become familiar with NIST system of C&A that is known as Risk Management Framework (RMF) and mapped to NIST SP 800-53.

This course is built upon our DIACAP Boot Camp offers outstanding benefits, including:

  • Dealing with transitioning to DIARMF head on

  • Cost effective security with minimal performance impact

  • How to create organization-wide motivation for IT security

  • Exposure to the RMF Process and types of risk assessments

  • Awareness of strategies for controlling these efforts and gaining additional resources

  • Preparing students to meet FISMA requirements while managing their IT systems more effectively, efficiently, and securely


Some of the additional changes for DIARMF are:

  • NIST SP 800-53 controls

  • Change focus from C&A to Risk Management

  • Definition of how to bridge between DoD systems and NIST defined system (subsystems & Platform IT for example)

  • DIARMF will look more like NIST 800-37 rev 1


The InfoSec Institute DIACAP training course provides detailed, step-by-step information on how to manage the Information Assurance posture consistent with FISMA, the DODD 8500.1 and the DoDI 8500.2 standards. In the class, each DoDI 8500.2 IA control is covered in detail. This includes:

  • Control Selection
  • Verifying Control Implementation
  • Preparation steps prior to Control Evaluation
  • Validation using one or more accepted validation methods


The courseware is designed such that it is appropriate for persons acting as the Validator Role, acting as a member of a Validation Team, or persons that undergo the Validation process as a System Owner.

InfoSec Institute is proud to present the DIARMF Boot Camp, a practical manager's immersion into the Department of Defense Information Assurance Certification and Accreditation Process (DIARMF).

In 2011 the Department of Defense (DoD) implemented the Department of Defense Risk Management Framework that supersedes the DoD 8510.1M DITSCAP. The DIARMF ensures that risk management is applied to information systems (IS).

Currently, the DIACAP consist of DIACAP packages (DIP, SIP, scorecard, POA&M with artifacts) and NIST 800-37 rev 1 consists of a Security Authorization Package (System Security Plan, Security Assessment Report & POA&M). Also, the roles between the NIST Risk Management Framework and the DoD 8500 series are different. So far, the DON CIO and ASD (NII) have come up with mapping between the roles and theĀ 800-53 controls.

The DIARMF will hopefully cover all of the gaps between the DoD C&A process and the new NIST 800-37, Risk Management Framework.


Using their experience in conducting over 100 IT security assessments, our class instructors will augment the instruction with examples of real-world experience to help students quickly relate and apply the concepts and strategies to their environments.

**We will be compiling more changes and updates as we find them. Very little is officially published, and above material is sourced from our own instructors who have insight into the DIARMF as well as public sites:

    • insurance2ru.com
    • usace-isc.org
    • elamb.org
    • rmf.org






  • 95% Pass Rate!
  • Proprietary Practice Exams
  • Instructors are DIACAP & DIARMF experienced
"...provides a very direct and focused review of and provides a framework for understanding how to approach the exam, unlike any other in the industry. "

Rob Carey
President, ISSA S.FL



Dates & Locations

The best in the world come train with us

See what our students are saying

  • Ryan Argomaniz

    CISSP, Bank of America

    "test reflected the study materials well"

    "I think the amount of time was appropriate, the information was relevant and well-summarized, and the test reflected the study materials well. My instructor did a great job. My Training Sales Representative has also been very helpful and I am glad that he had taken a great interest to follow up during class to with the students. I am very pleased with InfoSec lnstitute and the entire process."

    Find out more
  •   Rob Carey
    CISSP, President South Florida Chapter of ISSA

    "unlike any other in the industry"

    "This boot camp provides a very direct and focused review and provides a framework for understanding how to approach the exam, which is unlike any other in the industry. Provided that you follow their program closely, including advance study of the materials they provide as a part of their comprehensive package, this camp will be a week very well spent."

    Find out more
  • Kevin Boland

    Bentley Systems, Inc.

    "I never had a better instructor teach a class. I do mean ever."

    "The instructor was superb. I never had a better instructor teach a class. I do mean ever. He kept it entertaining as well as informational. He was able to apply theory along with real world examples. He stayed late to teach us on topics and discuss. He was truly top notch. ... I will be taking another class from your school in the future. Along with recommending my friends to your school"

    Find out more
  • " ability to make material interesting and fun is rare"

    "As I mentioned before-the instructor's ability to make material interesting and fun is rare. He truly motivates you to not only pass the certification but, to become an IT security "Jedi" & live by the warrior code."

    Find out more


Call (866)-471-0059 or fill out this short form for current pricing


Other Related Tools & Resources For Our Students

We believe in a commitment to your education. Our latest offering to the IT community has tutorials, videos, articles, white papers, and other resources and training materials that InfoSec Institute makes available for free. Below are some examples that relate to our IA classes. By reading these you should get a good idea of the types of skills you'll be learning in our courses.

InfoSec Institute has an excellent instructor and this is the best IT security class I have ever taken. His knowledge and method of teaching are unsurpassed.