CGRC Domain 3: Selection and approval of security and privacy controls Course
55 minutes
Course description
This course covers Domain 3 of CGRC and RMF Step 2. Essential documents include FIPS 200 and SP 800-53 for guidance on control selection, as well as the use of overlays and additional control tailoring, if required. Control selection is risk-based, so a risk assessment must be performed and risk mitigation strategies implemented.![](/contentassets/d65de3a5bb034993b7cf1ea5e1eab9f3/prerequisites-graphic.png)
Syllabus
RMF Step 2: Select, part 4, risk mitigation options and completion of the system security plan (SSP)
Video - 00:04:00
In this session, we conclude our review of RMF step 2: Select, with a look at risk mitigation options and completion of the System Security Plan (SSP).
RMF Step 2: Select, part 3, the four-step risk assessment process
Video - 00:17:00
In this session, we continue to look at RMF Step 2: Select, as we review the four-step risk assessment process.
RMF Step 2: Select, part 2, overlays, control tailoring, threat and risk assessment.
Video - 00:17:00
In this session, we continue our discussion of RMF Step 2: Select, as we look at overlays, control tailoring, threat and risk assessment.
CGRC Domain 3, RMF Step 2: Select
Video - 00:16:00
In this session, we begin to cover CGRC Domain 3, RMF Step 2: Select, as we look at FIPS-200 and NIST SP 800-53 for guidance on control selection.
Unlock 7 days of free training
- 1,400+ hands-on courses and labs
- Certification practice exams
- Skill assessments
Plans & pricing
Infosec Skills Personal
$299 / year
- 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Custom certification practice exams (e.g., CISSP, Security+)
- Skill assessments
- Infosec peer community support
Infosec Skills Teams
$799 per license / year
- Team administration and reporting
- Dedicated client success manager
-
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
-
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps
Award-winning training you can trust
![](/contentassets/591f43d72c6b4d0bb8ba22cad75d6c48/2x.png?height=122&rmode=Max&bgcolor=transparent)
![](/contentassets/68cc0229d91e4a62be8622c213529754/users-love-us-3.png?height=122&rmode=Max&bgcolor=transparent)
![](/contentassets/419c2404d29e4e61a554acee7d04beb0/winners-badge-png.png?height=122&rmode=Max&bgcolor=transparent)
![](/contentassets/8ef988d8aac34badb0d4c655253d16b2/onlinecourseproviders_leader_leader.png?height=122&rmode=Max&bgcolor=transparent)
![](/contentassets/49843374d7924a2fac275eca5ed2e8cc/csgea-2022-bronze-png.png?height=122&rmode=Max&bgcolor=transparent)