Course

CGRC Domain 3: Selection and approval of security and privacy controls

A look at Domain 3 of CGRC, including essential documents and control selection.
55 minutes 4 videos
Start a Free Trial

Course description

This course covers Domain 3 of CGRC and RMF Step 2. Essential documents include FIPS 200 and SP 800-53 for guidance on control selection, as well as the use of overlays and additional control tailoring, if required. Control selection is risk-based, so a risk assessment must be performed and risk mitigation strategies implemented.

Syllabus

RMF Step 2: Select, part 4, risk mitigation options and completion of the system security plan (SSP)

Video - 00:04:00
In this session, we conclude our review of RMF step 2: Select, with a look at risk mitigation options and completion of the System Security Plan (SSP).
RMF Step 2: Select, part 3, the four-step risk assessment process

Video - 00:17:00
In this session, we continue to look at RMF Step 2: Select, as we review the four-step risk assessment process.
RMF Step 2: Select, part 2, overlays, control tailoring, threat and risk assessment.

Video - 00:17:00
In this session, we continue our discussion of RMF Step 2: Select, as we look at overlays, control tailoring, threat and risk assessment.
CGRC Domain 3, RMF Step 2: Select

Video - 00:16:00
In this session, we begin to cover CGRC Domain 3, RMF Step 2: Select, as we look at FIPS-200 and NIST SP 800-53 for guidance on control selection.

Unlock 7 days of free training

  • 1,400+ hands-on courses and labs
  • Certification practice exams
  • Skill assessments
Start a Free Trial

Plans & pricing

Infosec Skills Personal

$299 / year

Buy Now 7-Day Free Trial
  • 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (e.g., CISSP, Security+)
  • Skill assessments
  • Infosec peer community support

Infosec Skills Teams

$799 per license / year

Book a Meeting
  • Team administration and reporting
  • Dedicated client success manager
  • Single sign-on (SSO)
    Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
  • Integrations via API
    Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
  • 190+ role-guided learning paths and assessments (e.g., Incident Response)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Create and assign custom learning paths
  • Custom certification practice exams (e.g., CISSP, CISA)
  • Optional upgrade: Guarantee team certification with live boot camps

Award-winning training you can trust