• Online, Instructor-Led
Course Description

Integrating on-premise and cloud systems risk management, students apply the NIST RMF (Steps 4-6)/FedRamp (Steps 2-4) as they complete project deliverables and communicate project results. In addition, students develop in-depth analytic competencies by applying the Common Body of Knowledge (CBK) of the Certified Authorization Professional (CAP) to relevant risk management problems.


Learning Objectives

Analyze a complete System Security Plan (SSP)|Complete a Security Assessment Report (SAR)|Develop a Plan of Action and Milestones (POA&M)|Compile and submit a Security Authorization Package|Evaluate the Continuous Monitoring processes|Evaluate ongoing security posture and appropriate documents|Compare and contrast the relationship between Certified Authorization Professional (CAP) domains and the NIST RMF|Apply secondary research to cybersecurity challenges|Prepare a Security Test Plan (STP)|Apply knowledge of the role of security assessment and the Security Control Assessor in the continuous monitoring process|Create a transition strategy to the revised risk management framework (RMF)


Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.