Successful completion of this exam will demonstrate a candidate's ability to understand and implement the Information and Communication Technology (ICT) Supply Chain Risk Management (SCRM) practices. The candidate will be able to integrate an organization-wide risk management process and exhibit their knowledge on the system development life cycle (SDLC), information system boundaries, and security control allocations. The candidate will have a strong understanding of each step in the Risk Management Framework (RMF). They will be able demonstrate their ability to implement security and privacy controls for federal information systems and other organizations.
Successful completion of this exam will demonstrate the candidate's ability to comprehend information and communication technology supply chain risk management practices. The candidate shall understand all aspects of the Risk Management Framework (RMF).