Overview
-
Learn how to manage your organization's security and privacy risks by implementing the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF).
Syllabus
-
Introduction
- Reducing risks using the NIST Risk Management Framework
- Preparing for a NIST RMF assessment
- Case study Introduction
- Why use a risk-based approach to security?
- Preparing a risk-based approach to security
- How to determine in-scope systems
- NIST RMF scoping tips, techniques, and perspectives
- How to inventory critical assets
- Completing a business impact analysis (BIA)
- Comparing common security control frameworks
- Choosing security frameworks and control levels
- Applying NIST security controls
- Setting NIST RMF assessment goals
- NIST RMF assessment steps
- How to analyze NIST RMF assessment results
- Assessing controls and risk exercise
- How officials authorize systems
- Setting monitoring goals to meet NIST requirements
- Examples of monitoring
- Best practices in implementing the NIST RMF
- Resources for your NIST RMF journey
