The Risk Management Framework (RMF) for Validators Course is a 5-day intensive workshop. During this course students will be taught the basic principles for accomplishing the Assessment and Authorization (A&A) process for DoD Navy information systems, advanced strategies for successfully completing an RMF effort, review the use and verification of testing methodologies. This course is also beneficial to personnel filling the roles of Information Systems Security Engineers (ISSE), Information Systems Security Manager (ISSM), Information Systems Security Officer (ISSO), and other supporting RMF roles.
The course applies to systems in Any Stage of the System Lifecycle:
- Systems for which a Risk Management Framework (RMF) assessment or authorization effort is being initiated
- Systems transitioning to Risk Management Framework (RMF)
- Systems already certified by DIACAP processes
- Systems being acquired through the DOD Acquisition Process
Topics for this course include but are not limited to:
- How to build an RMF Package from scratch
- In-depth exploration of all the supporting documents including the Security Plan, Implementation Plan, Risk Assessment Report, Security Assessment Report, IS Continuous Monitoring Strategy, Supporting Artifacts, and the Plan of Action & Milestones (POA&M)
- Learn why and when supporting documents come into play in the process
- An overview of the DOD IA Certification and Accreditation (DIACAP) process and transition to RMF
- A review of the Navy Qualified Validator Standards, Responsibilities, and Registration process
Course satisfies the following Navy CA Fully Qualified Validator requirements:
- Navy Certifier Equivalent Course
- CNSS 4012, Senior Systems Managers
- CNSS 4015, Systems Certifiers
ACCEPTANCE FOR SATISFYING THE NEW NAVY QUALIFIED VALIDATOR REQUIREMENTS FOR RMF IS PENDING
This is a five-day course. Classes are held from 0800 – 1600.
Who Should Attend
This course is designed for Information Security professionals that are comfortable with the concepts of the Navy Risk Management Framework (RMF) and need to round out their understanding of package preparation, package processing, and testing methods. Material is presented in a cradle-to-grave format for creating, submitting and maintaining an RMF package and includes hands-on lab work. The ideal student will have at least 1 year of experience in DoD Certification and Accreditation (C&A) or Assessment and Authorization (A&A). An in-depth knowledge of risk management, networking, and security fundamentals is a plus.
This course is directly relatable to personnel filling the roles of Navy Qualified Validator (NQV), Information Systems Security Engineers (ISSE), Information Systems Security Manager (ISSM), Information Systems Security Officer (ISSO), and other supporting RMF roles.
Each student will receive a Resource CD containing course materials.
What Does the Course Cost?*
*Please inquire on information regarding how you may be eligible for VA funding towards this course tuition.
By check or by credit card. Payment by credit card is taken over-the-phone and at the time of registration.
Please contact firstname.lastname@example.org for more information.
Mobile Training Option
If you would like an instructor to teach at your facility, we offer a Mobile Training Team Package. For more information, please contact email@example.com.
- Course dates are subject to change
- Courses that do not meet minimum enrollment requirements may be canceled and rescheduled