RMF-CAP | learnsecurity-org

Risk Management Framework (RMF) & (ISC)2 CAP

Syllabus

Links

Risk Management Framework (RMF) & (ISC)2 CAP
32 Hours

This course covers essential skills and knowledge concerning the Risk Management Framework (RMF) as defined by the National Institute of Standards and Technology (NIST) in support of Federal Information Security Management Act (FISMA). In addition, this course prepare the student for the (ISC)2 CAP (Certified Authorization Professional formerly the Certification and Accreditation Professional) exam.

College: N/A Contract Course - Contract Instructor for more information.

Availability
Online during the day Pacific time

In person during winter or summer break

Audience Recommended Prerequisites

The student should have experience, knowledge, or skills in any of the following areas:

Information Assurance and IT Security
Information Risk Management
Certification, system testing and continuous monitoring
Systems Administration
1 - 2 years of general technical experience
2 years of general systems experience
1 - 2 years of database/systems development/network experience
Information Security Policy
Technical or auditing experience within government, the U.S. Department of Defense, the financial or heath care industries, and/or auditing firms
Strong familiarity with NIST documentation

Recommended Texts
Official (ISC)2® Guide to the CAP® CBK®, Second Edition by Patrick D. Howard
Jul 18, 2012
ISBN-13: 978-1439820759
Available at Amazon

Student Learning Outcomes

Describe the the six steps of the risk management framework
Describe the processes and tasks necessary for the risk management framework

Measurable Objectives

At the completion of the course, students should be able to describe and comprehend:

The risk management approach to security authorization
The risk management framework steps
Roles and responsibilities related to the risk management framework
The relationship between the RMF and SDLC
The relationship between the RMF and DIACAP
The relationship between the RMF and NIACAP
The risk management framework in relation to Critical Infrastructure and Cyber Security
The legal regulatory and other requirements for security authorization
Common controls and security control inheritance
Ongoing monitoring strategies
The categorization of the system
Information systems security boundaries
Selecting and documenting security controls
How to develop a security control monitoring strategy
The need for review and approval of the system security plan
How to implement selective security controls and document the implementation
How to prepare for security control assessment
How to establish a security control assessment plan
How to determine the security control effectiveness
How to develop the initial security assessment report
The need for remediation actions
How to develop a plan of actions and milestones
The needed documentation for security authorization package
Risk Assessment and Management
Acceptable risk
The impact of changes to systems and environments
The need to perform ongoing security control assessments
The need for conduct ongoing remediation actions
Updating the documentation understand the need to perform periodic security status reports
The need and perform ongoing risk determination acceptance
Issues related to decommissioning or removing a system

Course Outline (Lessons)

(ISC)2 CAP Certification
Introduction
Building a Successful Program
RMF Roles and Responsibilities
The RMF Life Cycle
Why RMF Programs Fail or Lack Efficiency
RMF Project Planning
System Categorization and Definition
Security Categorization
Information Systems Boundaries
Security Control Selection and Documentation
Minimum Security Baselines and Best Practices
System Security Plan (SSP)
Control Implementation
Prioritized Approach
Configuration Management
Security Procedures
Coordinating Security for Interconnected Systems
Assessing Security Controls
Remediation Planning
Essential RMF Documentation
Assessing Risk
Documenting the Authorization Decision
Continuous Monitoring
Contingency Planning
Security Awareness
Incident Response
Framework for Improving Critical Infrastructure Cybersecurity
Review

Pre-class Preparation
In order to get the most out of this class, please complete the following tasks before attending the class. If you do not complete these tasks before the class, make sure you have time to complete these before you take the exam.
Important Reading

Download and read through the following documents:

The latest version of the "CAP Candidate Information Bulletin" available on the (ISC)2 website - registration required: http://www.isc2.org/cib/default.aspx

Read the Official (ISC)2 book:

Official (ISC)2 Guide to the CAP CBK (Second Edition)

You may notice from the CAP Candidate Information Bulletin that is stresses NIST documents. The main document is NIST SP 800-37 Rev 1 (or latest revision). This is a must read. If you don’t read it, the probability that you will pass the exam is greatly diminished. Read through the following documents:

Recommended Additional Reference Materials
If time permits read the list of NIST and other documents listed in the CAP Candidate Information Bulletin.

Understanding NIST documents is the key to passing this exam. Read as many of them listed in the CAP Candidate Information Bulletin as you can. Most importantly: first and foremost you need to read NIST SP 800-37 Rev 1.

NIST SP Publications can be found at the following website: http://csrc.nist.gov/publications/PubsSPs.html

Optional Activities (If time permits)
Read through the following documents: