Preparing to Manage Security and Privacy Risk with NIST's Risk Management Framework

Risk management is a critical element of security and compliance in today's IT infrastructures. This course will demonstrate the advanced skills you need to effectively manage cyber risk, security, and compliance with governance using the RMF.
Course info
Level
Advanced
Updated
Sep 9, 2019
Duration
3h 11m
Table of contents
Course Overview
Reviewing the RMF
Initiating Organizational Preparation
Identifying System Stakeholders and Assets
Preparing the System
Categorizing the System
Preparing for a System Risk Assessment
Performing a System Risk Assessment
Case Study: Globomantics Risk Assessment
Description
Course info
Level
Advanced
Updated
Sep 9, 2019
Duration
3h 11m
Description

Risk is a necessary evil in today’s modern government, corporate, and private networks. Managing this risk is a careful balancing act between art and science, and focuses on three interrelated, critical aspects of systems: risk, system and data security, and compliance with governance. Organizations must have a proven methodology of managing cyber risk, security, and compliance. In this course, Preparing to Manage Security and Privacy Risk with NIST's Risk Management Framework, you will continue your studies on the RMF beyond the fundamentals of the processes and procedures that make up the framework. You will gain the advanced knowledge necessary to apply the methods and techniques presented in the RMF to manage cyber risk in the “real world”. First, you will learn how to categorize systems based on the information they process and their criticality to the organization. You'll also learn how to manage risk stakeholder needs, and ensure that both the organization and the target systems are prepared to undergo the RMF lifecycle. Next, you will see how controls are baselined and implemented on systems, and how to realistically assess those controls. Finally, you will discover system accreditation decisions and how to make sure your system gets its Authorization to Operate, as well as conduct continuous risk monitoring. By the end of this course, you'll be thoroughly knowledgeable on what it takes to actually manage a system throughout its RMF lifecycle.

About the author
About the author

Bobby E. Rogers is an information security engineer working as a contractor for Department of Defense agencies, helping to secure, certify, and accredit their information systems. His duties include information system security engineering, risk management, and certification and accreditation efforts.

More from the author
More courses by Bobby Rogers
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
[Autogenerated] everyone. My name is Bobby Rogers and welcome to the preparing to manage security and privacy risks with n'est risk management framework Course. I'm a cyber security analyst, and I worked as a contractor securing information systems and data for the US government specializing in cyber risk management. Are you familiar with the Army steps and processes but find it difficult to actually implement the Army in the Rhea world? The federal government requires that all of its systems be authorized to operate before they could be put on the network using the nest risk management framework or are in mouth. That's why we've produced this course that covers how to actually implement the steps of the Army on your systems. We're going to discuss and demonstrate the key tasks you need to perform to effectively manage security, risk and privacy using the arm off. Some of the major topics that we will cover include the system and risk stakeholders preparing the organization systems for the arm of life cycle, implementing and managing security controls, and preparing for and executing a system level assessment. By the end of this course, you'll understand how to apply the arm F to manage security and privacy on your systems as well as me compliance requirements. Before beginning this course, you should be familiar with basic risk management concepts and the arm if life cycle as well as security management processes. I hope you'll join me on this journey to learn about the Army F with the preparing to manage security and privacy risks with the NIST Risk Management Framework course at plural site.