DoD Risk Management Framework (RMF) Boot Camp
Transform your career in 4 days
Course essentials
DoD Risk Management Framework (RMF) training at a glance
-
Method
Live online, in-person, team onsite
-
Duration
4 days
-
Experience
1-3 years of experience
-
Average salary
$88,282
What you'll learn
Training overview
With our blend of lectures, discussions and hands-on exercises, you’ll learn the RMF process and methodology for categorizing information systems, selecting and implementing applicable security controls and establishing a continuous monitoring program. Through this boot camp, you gain the skills to:
- Understand the Risk Management Framework for DoD IT authorization process
- Understand FISMA and NIST processes for authorizing Federal IT systems
- Explain statutory and regulatory requirements
By the end of the Risk Management Framework training, you have the confidence and skills to provide a systematic and structured approach to identify, assess, mitigate and manage organizational risks. You have the know-how to prioritize resources, comply with regulations, make informed decisions and continually improve risk management practices.
Who should attend
The Risk Management Framework (RMF) Boot Camp is meant for IT-focused employees and contractors and their supporting vendors and service providers. Here's what each role can gain from attending:
- IT professionals
- Risk managers
- Compliance officers
- Project managers
- Executive management:
- Auditors and inspectors
- Legal and compliance teams
By attending RMF training, participants from these roles gain invaluable knowledge to take their expertise to the next level.
Award-winning training you can trust
Ready to discuss your training goals? We've got you covered.
Complete the form and book a meeting with a member of our team to explore your learning opportunities.
Sorry, we're unable to load the form at the moment. Please check your browser's settings to confirm the form is not blocked. You can contact us and report the issue here: infosec.info@cengage.com.
Thanks! We look forward to meeting with you!
What's included
Everything you need to know
- 90-day extended access to Boot Camp components, including class recordings
- 100% Satisfaction Guarantee
- Free 90-day Infosec Skills subscription (access to 1,400+ additional courses and labs)
- Knowledge Transfer Guarantee
- Pre-study learning path
What makes the Infosec RMF prep course different?
You can rest assured that the RMF training materials are fully updated and synced with the latest version of the exam. In addition, you’ll gain access to the prep course the moment you enroll, so you can prepare for and get the most out of your boot camp.
With 20 years of training experience, we stand by our RMF training with 100% satisfaction guaranteed. This means if you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.
Before your boot camp
Prerequisites
Syllabus
Training schedule
Preparation (before the boot camp starts)
RMF prep course
Day 1
Introduction
Legal and regulatory organizations
- White House (Executive Orders)
- NIST (National Institute of Standards and Technology)
- OMB (Office of Management and Budget)
- CNSS (Committee of National Security Systems)
Legal and regulatory organizations continued
Optional group & individual study
Schedule may vary from class to class
Day 2
Laws, policies and regulations
- Privacy Act
- Computer Fraud & Abuse Act (CFAA)
- Electronic Communications Privacy Act (ECPA)
- Computer Security Act
- Information Technology Management Reform Act
- Clinger-Cohen Act
- USA PATRIOT ACT
- Federal Information Security Management Act (FISMA)
- Federal Information Security Modernization Act (FISMA)
- Other laws (GLBA, SOX, HIPAA, HITECH)
Laws, policies and regulations continued
Optional group & individual study
Schedule may vary from class to class
Day 3
Integrated organizational-wide risk management
- Categories of business risk
- Overview of risk management
- Risk management objectives
- Potential risk impacts
- Potential security impacts
- Risk assessment process
- Risk assessment steps
System development life cycle
Optional group & individual study
Schedule may vary from class to class
Day 4
RMF key roles and responsibilities
RMF phase overview
- Security authorization process
- Prepare
- Categorization
- Implementation
- Assessment
- Authorization
- Monitoring
Schedule may vary from class to class
What's next?
After you finish the Risk Management Framework training
After completing the course, take additional time to get a head start on earning a certification or start earning CPEs.
Our boot camps are well-crafted to prepare you for the challenges of risk management and ensure more marketable skills. Your Infosec Skills access extends 90 days past your boot camp, so you can revisit courses on video and shore up areas where you want to learn more.
Unlock team training discounts
If you’re like many of our clients, employee certification is more than a goal — it’s a business requirement. Connect with our team to learn more about our training discounts.
Career Opportunities
What are the career opportunities like for RMF certified professionals?
The DoD Risk Management Framework knowledge opens career opportunities, as it’s crucial to many IT and security roles related to the DoD. Common job titles and roles held by professionals with this training include:
- Information security manager
- Compliance officer
- Risk management auditor
- Governance, risk and compliance (GRC) specialist
The demand for risk managers is growing as organizations better recognize the need for proactive measures. Focus is now on the evolving risk landscape, regulations requirements, financial protection concerns and the desire to build risk-aware cultures, which gives well-trained professionals a competitive advantage. Those with strong risk management skills, industry-specific knowledge and the ability to navigate complex risks have promising career prospects.
What job titles are most common for people with RMF certification?
Some common positions that this certification can help you land include:
-
Risk manager
-
Chief risk officer (CRO)
-
Risk analyst
-
Compliance auditor
Average Salary
CompTIA’s RMF certification salary expectations
Because job titles in the field vary widely, so do expected salaries. However, the average salary for an RMF-focused cybersecurity analyst is $88,282, according to Glassdoor. Salaries change based on location and experience, but education and training play a big role in increasing earning potential.
Guaranteed results
Our boot camp guarantees
100% Satisfaction Guarantee
If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.
Knowledge Transfer Guarantee
If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.
FAQ
Frequently asked questions
What is the DoD RMF?
The DoD RMF replaced the previous DoD Information Assurance Certification and Accreditation Process (DIACAP). This was done for a variety of reasons, including having a standardized information assurance language across the federal government, improved risk management, and more.
As NIST explains, RMF “provides a process that integrates security, privacy, and cyber supply chain risk management activities into the system development life cycle.”
How much does it cost to become DoD RMF trained?
What are the requirements for RMF assess only?
"Assess only" typically refers to a specific role or responsibility within the framework. The assess only role conducts security assessments and evaluates the effectiveness of security controls but does not implement or manage the controls. These roles vary based on the organization, the complexity of the system being assessed and the specific objectives of the assessment.
Common requirements for individuals in an assess only role may include familiarity with the various steps of the RMF, a strong background in security assessment methodologies and techniques, proficiency in the technical aspects and ability to identify and assess risks and knowledge of compliance and applicable laws.
You’re in Good Company
Michelle Jemmott, PentagonI really appreciate that our instructor was extremely knowledgeable and was able to provide the information in a way that it could be understood. He also provided valuable test-taking strategies that I know not only helped me with this exam, but will help in all exams I take in the future.
Erik Heiss, United States Air ForceThe instructor was able to take material that prior to the class had made no sense and explained it in real-world scenarios that were able to be understood.
Sylvia Swinson, TexeltekI was blown away by Infosec! The instructor's strategic delivery of information ensured that everyone understood the concepts. I'd jump at the chance to take another class or certification prep course with them!
Explore our top boot camps