DoD Risk Management Framework (RMF) Boot Camp
Infosec’s Risk Management Framework (RMF) Boot Camp is a four-day course in which you delve into the IT system authorization process and gain an understanding of the Risk Management Framework.
Learn the DoD Risk Management Framework
Boot camp overview
Infosec offers the most in-depth course available for students looking to learn about the Risk Management Framework for information technology. Risk Management Framework (RMF) describes the process for identifying, implementing, assessing and managing cybersecurity capabilities and services, expressed as security controls and authorizing the operation of information technology systems.
RMF brings a risk-based approach to the implementation of cybersecurity, supports cybersecurity integration early and throughout the system life cycle, promotes reciprocity to the maximum extent possible and stresses continuous monitoring. RMF replaces the DoD Information Assurance Certification and Accreditation Process (DIACAP) and adopts the term cybersecurity in place of information assurance.
Skill up and get certified, guaranteed
100% Satisfaction Guarantee
If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different Flex Pro or Flex Classroom course.
Knowledge Transfer Guarantee
If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.
What's included
- Four days of training with an expert instructor
- Infosec digital courseware (physical textbooks available to purchase)
- 90-day access to course replays (Flex Pro)
- Curated videos from other top-rated instructors (Flex Pro)
- 100% Satisfaction Guarantee
Course objectives
After completing Infosec’s DoD RMF Boot Camp, you will be able to:
- Understand the Risk Management Framework for DoD IT authorization process
- Understand FISMA and NIST processes for authorizing Federal IT systems
- Explain key roles and responsibilities
- Explain statutory and regulatory requirements
- Apply these principles to real-world activities and situations
Award-winning training that you can trust
Best Software - Highest Satisfaction
Infosec Skills
Best IT Security-related Training Program
Infosec Skills
Best Cybersecurity Podcast
Cyber Work with Chris Sienko
Innovation Award - Software
Infosec
Technical Skills Development Software
Infosec Skills
Benefits and goals
This boot camp blends lecture, discussion and hands-on exercises to educate you about RMF methodology. You’ll leave prepared to implement the Risk Management Framework for your IT systems as prescribed in the updated NIST series of publications.
You’ll learn the RMF process and methodology for categorizing information systems, selecting and implementing applicable security controls, and establishing a Continuous Monitoring program. This boot camp breaks down the RMF into steps, tasks, outputs and responsible entities and includes informative lectures, discussions and exercises. These sessions will provide a functional understanding of cybersecurity and risk management and the proper selection, implementation and validation of the new security controls as outlined on the RMF Knowledge Service and corresponding NIST Special Publications.
Who should attend?
The Risk Management Framework (RMF) Boot Camp is meant for IT-focused employees and contractors and their supporting vendors and service providers.
Why choose Infosec
Your flexible learning experience
Infosec Flex makes expert, live instruction convenient with online and in-person formats tailored to how, when and where you learn best.
Public training boot camps held nationwide
- Pre-study course materials
- Live instruction
- Digital courseware
- Daily reinforcement materials
- Catered lunches
- Infosec community forum access
- 100% Satisfaction Guarantee
- Knowledge Transfer Guarantee
Most Popular
Immersive, live-streamed instruction
- Pre-study course materials
- Live instruction
- Digital courseware
- Daily reinforcement materials
- Detailed performance reporting
- Video replays
- 90-day extended access to materials
- Infosec community forum access
- Exam Pass Guarantee
- 100% Satisfaction Guarantee
- Knowledge Transfer Guarantee
Tailored team training at your location
- Pre-study course materials
- Live, customized instruction at your location
- Digital courseware
- Daily reinforcement materials
- Detailed team performance reporting
- Video replays
- 90-day extended access to materials
- Infosec community forum access
- Exam Pass Guarantee
- 100% Satisfaction Guarantee
- Knowledge Transfer Guarantee
Can’t get away for a week?
Learn cybersecurity on-demand.
Get the cybersecurity training you need at a pace that fits your schedule with a subscription to Infosec Skills. Includes unlimited access to hundreds of additional on-demand courses — plus cloud-hosted cyber ranges where you can practice and apply knowledge in real-world scenarios — all for just $34 a month!
- 70+ learning paths
- 500+ courses
- Cloud-hosted cyber ranges and hands-on projects
- Skill assessments and certification practice exams
- Infosec community peer support
You're in good company.
Our clients
Find your boot camp
DoD RMF Boot Camp details
Legals and regulatory organizations
- White House (Executive Orders)
- NIST (National Institute of Standards and Technology)
- OMB (Office of Management and Budget)
- CNSS (Committee of National Security Systems)
Other related references
- ODNI (Office of the Director of National Intelligence)
- DoD (Department of Defense)
- Laws, policies and regulations
- Integrated organization-wide risk management
System development life cycle
RMF key roles and responsibilities
- Authorizing official/DAA
- AO designated representative
- Chief information officer
- Senior agency information security officer
- Information system owner
- Information system security officer
- Program manager
- Security control assessor
- User representative
RMF – Security authorization
- RMF phase 1 – Categorize
- Task 1 – Security categorization
- Task 2 – Information systems description
- RMF phase 2 – Select
- Task 1 – Common control identification
- Task 2 – Security control selection
- Task 3 – Developing a monitoring strategy
- Task 4 – Reviewing and approving the SSP
- RMF phase 3 – Implement
- Task 1 – Security control implementation
- Task 2 – Security control documentation
- RMF phase 4 – Assess
- Task 1 – Security control assessment plan
- Task 2 – Security control assessment
- Task 3 – Security assessment report
- Task 4 – Remediation actions
- RMF phase 5 – Authorize
- Task 1 – Developing a Plan of Actions and Milestones (POA&M)
- Task 2 – Assembly of the authorization package
- Task 3 – Determining risk
- Task 4 – Accepting risk
- RMF phase 6 – Monitor
- Task 1 – Monitoring information system and environment changes
- Task 2 – Ongoing security control assessment
- Task 3 – Ongoing remediation actions
- Task 4 – Updating security documentation
- Task 5 – Security status reporting
- Task 6 – Ongoing risk determination and acceptance
- Task 7 – System removal and decommissioning
Risk Management Framework review
Exceptional learning experiences powered by LX Labs cyber expertise
Infosec Skills boot camps are powered by LX Labs — our elite team of cyber SMEs, learning specialists and community of top-ranked security instructors, published authors and sought-after industry leaders. We rigorously vet each boot camp to guarantee it meets certification and compliance requirements and aligns with recognized guidelines like the NICE Cybersecurity Workforce Framework.
