• 708.689.0131
  • Contact us
  • Infosec IQ login
  • Infosec Skills login
Infosec Logo
  • Infosec Logo
  • Products
  • Solutions
  • Resources
  • Company
  • Infosec IQ logo Security awareness
  • Infosec Skills logo Boot camps & training
  • Product overview
  • Security awareness training
  • Phishing simulator
  • Reporting & assessments
  • Program automation
  • Global administration
  • Browse all training
  • Pricing & features
  • Demo
  • Live boot camps
  • Role-based training
  • Certifications & CPEs
  • Cyber ranges & labs
  • Skill assessments
  • Infosec Skills teams
  • Browse all training
  • Free trial
  • Pricing & features
  • Demo
  • Pre-built training plans
  • Industry, compliance & role-based training
  • Custom education
  • Personalized learning
  • Language
  • 1000+ phishing templates
  • Simulation types
  • Phishing email reporter
  • Reports
  • Assessments
  • Dashboard
  • Learner analytics
  • Learner management
  • Threat response orchestration
  • Integrations
  • Cybersecurity Specialist
  • Cybercrime Investigator
  • IT Auditor
  • Cybersecurity Analyst
  • Cybersecurity Consultant
  • Penetration Tester
  • Cybersecurity Manager
  • Cybersecurity Engineer
  • Cybersecurity Architect
  • Boot Camp Overview
  • CISSP Boot Camp
  • Security+ Boot Camp
  • Ethical Hacking Boot Camp
  • CCNA Dual Cert Boot Camp
  • CASP+ Boot Camp
  • CCSP Boot Camp
  • CISM Boot Camp
  • CySA+ Boot Camp
  • PMP Boot Camp
  • Browse all boot camps
Choose Your Own Adventure

Security awareness games by Infosec

Click to Play
  • By organization type
  • By need
  • Solutions overview
  • For business teams
  • For government & contractor teams
  • For MSPs & resellers
  • Security awareness
  • Phishing simulation
  • Technical skill development
  • IT certification
  • Compliance & framework
  • CMMC certification

    2020 security talent pipeline study

    250 security hiring managers share how they fill open roles

    Download
    • Cyber Work
    • Webinars
    • Case studies
    • Reports & whitepapers
    • Blog
    • Community
    • Infosec Inspire
    • Free tools
    • Cyber Work Podcast
    • Cyber Work Applied
    • Infosec Insiders
    • TechExams
    • YouTube
    • LinkedIn
    • Facebook
    • Twitter
    • Phishing Risk Test
    • Security awareness ROI calculator
    • Security awareness training plans
    • Security awareness buyer’s guide

      Free cybersecurity training from industry experts

      Forrester Wave™ graphic

      New episodes every month

      Get Access
      • About us
      • Events
      • Careers
      • Scholarships & awards
      • Infosec Gives
      • Industry alliances
      • About us
      • Leadership
      • Newsroom
      • Recognition
      • About LX Labs
      • Infosec Hall of Fame
      • Infosec Security Awareness Awards
      • Infosec Accelerate Scholarship Program

        We’re hiring!

        Join an ambitious team of people who care about making a difference.

        Get To Know Us

        DoD Risk Management Framework (RMF) Boot Camp

        Infosec’s Risk Management Framework (RMF) Boot Camp is a four-day course in which you delve into the IT system authorization process and gain an understanding of the Risk Management Framework.

        ★★★★☆
        4.7
        (187 ratings)
        Updated December 2020
        Book a Boot Camp

        Master the Risk Management Framework

        • 100% Satisfaction Guarantee
        • Four days live, expert DoD RMF instruction (live online or in-person)
        • Immediate access to Infosec Skills — including a bonus boot camp prep course — from the minute you enroll to 90 days after your boot camp
        • Learn by doing with 100s of additional hands-on courses and labs
        • 90-day access to all boot camp video replays and materials
        • Knowledge Transfer Guarantee

        Benefits and goals

        This boot camp blends lecture, discussion and hands-on exercises to educate you about RMF methodology. You’ll leave prepared to implement the Risk Management Framework for your IT systems as prescribed in the updated NIST series of publications.

        You’ll learn the RMF process and methodology for categorizing information systems, selecting and implementing applicable security controls, and establishing a Continuous Monitoring program. This boot camp breaks down the RMF into steps, tasks, outputs and responsible entities and includes informative lectures, discussions and exercises. These sessions will provide a functional understanding of cybersecurity and risk management and the proper selection, implementation and validation of the new security controls as outlined on the RMF Knowledge Service and corresponding NIST Special Publications.

         

        View full course schedule

        Training overview

        Infosec offers the most in-depth course available for students looking to learn about the Risk Management Framework for information technology. Risk Management Framework (RMF) describes the process for identifying, implementing, assessing and managing cybersecurity capabilities and services, expressed as security controls and authorizing the operation of information technology systems.

        RMF brings a risk-based approach to the implementation of cybersecurity, supports cybersecurity integration early and throughout the system life cycle, promotes reciprocity to the maximum extent possible and stresses continuous monitoring. RMF replaces the DoD Information Assurance Certification and Accreditation Process (DIACAP) and adopts the term cybersecurity in place of information assurance.

        What you'll learn

        After completing Infosec’s DoD RMF Boot Camp, you will be able to:

        • Understand the Risk Management Framework for DoD IT authorization process
        • Understand FISMA and NIST processes for authorizing Federal IT systems
        • Explain key roles and responsibilities
        • Explain statutory and regulatory requirements
        • Apply these principles to real-world activities and situations

        Who should attend

        The Risk Management Framework (RMF) Boot Camp is meant for IT-focused employees and contractors and their supporting vendors and service providers.

        Get training resources sent to your inbox

        Everything you need to learn the Risk Management Framework

        • 100% Satisfaction Guarantee
        • 4 days live, expert DoD RMF instruction (live online or in-person)
        • DoD RMF boot camp prep course
        • Learn by doing with 100s of additional hands-on courses and labs
        • 90-day access to all boot camp video replays and materials
        • Knowledge Transfer Guarantee
        View Pricing

        DoD RMF training schedule

        Infosec’s DoD RMF training is more than just a boot camp. We support you before, during and after your live training to ensure you’re fully prepared for your exam — and get certified on your first attempt.

        • Before your boot camp
          • Start learning now. You’ll get immediate access to all the content in Infosec Skills, including an in-depth DoD RMF prep course, the moment you enroll. Prepare for your live boot camp, uncover your knowledge gaps and maximize your training experience.

        • During your boot camp
          • Legal and regulatory organizations

            • White House (Executive Orders)
            • NIST (National Institute of Standards and Technology)
            • OMB (Office of Management and Budget)
            • CNSS (Committee of National Security Systems)

            Laws, policies and regulations

            • Privacy Act
            • Computer Fraud & Abuse Act (CFAA)
            • Electronic Communications Privacy Act (ECPA)
            • Computer Security Act
            • Information Technology Management Reform Act
            • Clinger-Cohen Act
            • USA PATRIOT ACT
            • Federal Information Security Management Act (FISMA)
            • Federal Information Security Modernization Act (FISMA)
            • Other laws (GLBA, SOX, HIPAA, HITECH)

            Integrated organizational-wide risk management

            • Categories of business risk
            • Overview of risk management
            • Risk management objectives
            • Potential risk impacts
            • Potential security impacts
            • Risk assessment process
            • Risk assessment steps
              • Prepare
              • Conduct
              • Report and communicate
              • Maintain

            System development life cycle

            RMF key roles and responsibilities

            • Authorizing official/DAA
            • AO designated representative
            • Chief information officer
            • Senior agency information security officer
            • Information system owner
            • Program manager
            • Common control provider
            • Information owner or steward
            • Information system security manager
            • Information system security officer
            • Information security architect
            • Information system security engineer
            • Control assessor, aka third-party assessment organization (3PAO)
            • System user

            RMF phase overview

            • Security authorization process
              • Organization level
              • System level
            • Prepare
              • Risk management roles
              • Risk management strategy
              • Risk assessment — organization
              • Organizationally-tailored control baselines and cybersecurity framework profiles (optional)
              • Common control identification
              • Impact-level prioritization (optional)
              • Continuous monitoring strategy — organization
              • Mission or business focus
              • System stakeholders
              • Asset identification
              • Authorization boundary
              • Information types
              • Information life cycle
              • Risk assessment — system
              • Requirements definition
              • Enterprise architecture
              • Requirements allocation
              • System registration
            • Categorization
              • System description
              • Security categorization
              • Security categorization review and approval
              • Selection
              • Control selection
              • Control tailoring
              • Control allocation
              • Documentation of planned control implementations
              • Continuous monitoring strategy — system
              • Plan review and approval
            • Implementation
              • Control implementation
              • Update control implementation information
            • Assessment
              • Assessor selection
              • Assessment plan
              • Control assessments
              • Assessment reports
              • Remediation actions
              • Plan of action and milestones
            • Authorization
              • Authorization package
              • Risk analysis and determination
              • Risk response
              • Authorization decision
              • Authorization reporting
            • Monitoring
              • System and environment changes
              • Ongoing assessments
              • Ongoing risk response
              • Authorization package updates
              • Security and privacy reporting
              • Ongoing authorization
              • System disposal
        • After your boot camp
          • Your Infosec Skills access extends 90 days past your boot camp, so you can take additional time to prepare for your exam, get a head start on your next certification goal or start earning CPEs.

        Free DoD RMF training resources

        Risk management and understanding what matters most

        Liz Mann, head of the Life Sciences and Health sectors, Americas Cybersecurity, EY Advisory, discusses her role at EY, the importance of diverse perspectives around risk management, and her work encouraging young women to enter the cybersecurity workforce.

        Listen Now

        DoD RMF and Security Risk Management Salaries

        Within the Department of Defense, security managers are essential for helping implement the new Risk Management Framework (RMF), a crucial update in the way threats to the United States are assessed and mitigated. Read more for salary projections.

        Learn More

        DoD RMF Revision 2: New updates and their impact on cybersecurity

        With the publication of this revision, the NIST has taken its first step towards providing security and risk management with an integrated and flexible methodology. In this post, you’ll learn about these new updates and their impact.

        Read More

        Find your boot camp

        Take the course online?
        Learn more about online
        866.471.0059
        • Today
        • Next week
        • Next month
        See additional dates

        ©2021 Infosec, Inc.

        • Privacy & Cancellation Policies
        • Trademarks
        We use cookies to personalize your experience and optimize site functionality. Accept Cookie settings
        Privacy & Cookies Policy

        Infosec cookie notice

        We use cookies to help understand your needs, optimize website functionality and give you the best experience possible. Use this policy to understand how, when and where cookies are stored on your device. 

        Want to know more? Contact [email protected].
        Necessary
        Always Enabled

        This type of cookie helps keep our website functioning. They provide access to account-based features and other secure areas of our site, and do not store information about you that could be used for marketing. This category of cookies cannot be disabled.

        Analytics

        Google Analytics cookies help us understand how visitors use our site. All data collected from Google Analytics is anonymized (including your IP address) and stored by Google on U.S. servers.

        Marketing

        We use this type of cookie to optimize our marketing campaigns. Marketing cookies are delivered by our database when you visit our site, complete a form or open email from us. Information stored in this cookie includes personal information like your name and what pages you view on our site.

        Save & Accept