CGRC Domain 1: Information security risk management program Course

This course deals with Domain 1 of CGRC, covering the information security risk management program and principles of information security.

2 hours, 27 minutes

Course description

In this course, we will cover Domain 1: Information Security Risk Management Program. This domain covers the principles of information security, including the security objectives (confidentiality, integrity and availability). Terms such as risk, risk management and organizational risk are defined. We review risk management tasks and essential documents, the six steps of the risk management framework (RMF), the preparation step (RMF step 0), federal laws and more.

Syllabus

Federal publications, policies, guidelines, and standards, part 2

Video - 00:09:00

Concluding our look at federal publications, policies, guidelines, and security standards.

Federal publications, policies, guidelines, and standards, part 1

Video - 00:17:00

An overview of federal publications, policies, guidelines, and security standards related to the RMF.

Federal laws and policies and their relation to federal agencies & organizations

Video - 00:16:00

A look at federal laws regarding privacy and security and their relation to various federal agencies.

Personally identifiable information, security of sensitive data, and federal acts and laws regarding privacy controls

Video - 00:18:00

A look at privacy, personally identifiable information (PII), and federal laws regarding security.

RMF documents and the six steps of the RMF

Video - 00:15:00

A look at essential documents and tasks and the six steps used in the RMF.

Federal agencies & organizations, roles & responsibilities

Video - 00:17:00

A review of the federal agencies that are involved in the risk management/authorization process, as well as their roles and responsibilities.

Security architecture, SDLC phases, and how the SDLC maps to the RMF

Video - 00:16:00

An introduction to security architecture as it relates to the RMF, including a look at SDLC phases and how the SDLC maps to the RMF.

Risk defined, risk management, organizational risk

Video - 00:21:00

A look at terms and definitions, risk defined, risk management and organizational risk (Tier 1, Tier 2 and Tier 3).

CGRC Domain 1, introduction

Video - 00:16:00

An introduction to RMF, description of C&A and a description of SA&A.
