NIST DoD RMF (2022 Update) Learning Path

This course explains the Risk Management Framework (RMF) and its processes.

4 hours, 48 minutes

Quick facts

About this learning path

  • courses

    100% online

  • Duration

    4 hours, 48 minutes

  • Assessment

    questions

About NIST DoD RMF (2022 Update)

The Risk Management Framework (RMF) provides a disciplined, structured and flexible process for managing security and privacy risk that includes information security categorization; control selection, implementation and assessment; system and common control authorizations; and continuous monitoring. It includes activities to prepare organizations to execute the framework at appropriate risk management levels.

 

Syllabus

NIST DoD RMF skill assessment

Assessment - 25 questions

Legal and regulatory organizations

Course - 00:37:00

In this course, we explain the involvement of some regulatory organizations in the development and execution of the NIST RMF. We specifically discuss executive orders, NIST, the Office of Management and Budget, the Committee on National Security Systems and more.
Laws, policies and regulations

Course - 00:13:00

In this course, we explain some of the laws, policies and regulations governing the implementation and execution of the NIST RMF. This course discusses the Privacy Act, the Computer Fraud and Abuse Act, the USA PATRIOT Act and more.
Risk management

Course - 00:52:00

Managing information system-related security and privacy risk is a complex undertaking that requires the involvement of the entire organization. Risk management is a holistic activity that affects every aspect of the organization and cannot be made in isolation. This course discusses risk, the system development life cycle, key roles and more.
RMF steps

Course - 02:04:00

This course describes the RMF and provides guidelines for applying it to information systems and organizations. We discuss the RMF structured and flexible process for managing security and privacy risk, as well as RMF activities to prepare organizations to execute the framework at appropriate risk management levels.
RMF Review and Project

Course - 00:50:00

Finally, you will complete an exercise on the categorization process. In this course, we review the categorization process by completing the NIST 800-60v1 categorization worksheet. We then transfer the information over to the FIPS 199 Categorization Form and look at the six RMF steps.

Meet the author

Ross Casanova

Mr. Casanova has extensive experience in leadership, project management, intelligence analysis and training development. As a program manager, he helped build the CSRA pipeline of new opportunities, including developing winning proposals for more than $100 million in new business. He served the intelligence community in various roles and retired from the United States Army after 20+ years of service. He has over twenty years of experience as a technical trainer.

Certifications held: CISSP, Security+ce, CEH, CCSP, NSA-IAM, GIAC, CCSK, CIRM, SMSP, Infosec Certified Instructor, ISC2 Certified CISSP Instructor, Ultimate Knowledge Institute Certified Instructor, ITIL® Foundation Certificate in IT Service Management (ITILv3-F).

The details

Learning path insights

How to claim CPEs

Should you complete this learning path, you’ll be able to download a certificate of completion. Use this to claim your CPEs or CPUs.

No software. No set up. Unlimited access.

Skip the server racks and spin up a realistic environment with one click. Infosec Skills cyber ranges require no additional software, hardware or server space so your team can spend less time configuring environments and more time learning. Unlimited cyber range access is included in every Infosec Skills subscription so your team can skill up however they learn best.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments

Plans & pricing

Infosec Skills Personal

$299 / year

  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Learn about scholarships and financing with

Affirm logo