RMF ISSO Foundations Course – Bruce Brown

*** Proof of Product ***

Exploring the Essential Features of “RMF ISSO Foundations Course – Bruce Brown”

What you get in the course:

• Templates / Resources
  Get the tools you need: downloadable templates of Plan of Action and Milestone (POAMs), System Security Plan (SSP) as well as crucial resources and references to dive deeper.
• Audio Book
  Download the MP3 of the course and listen to it on your phone.

Course curriculum

1 Welcome to the course!

• Welcome to the Course!
• How to use this course
• What you get from RMF/ISSO

2 Being an ISSO

• Being an ISSO
• ISSO 101
• Profile of an ISSO
• How Technical Do You Need to Be as an ISSO?
• Certs and Degrees for ISSOs
• Information System Security Officer (ISSO) Guide (DHS)
• I want to know about YOU!

3 RMF ISSO Intro

• What is RMF?
• RMF 101
• NIST SP 800-37 r2, Risk Management Framework for Information Systems and Organizations
• NIST SP 800-37r1, Guide for Applying the Risk Management Framework to Federal Information Systems (replaced dec 2019)
• Risk Management Framework Resources
• 0_RMF ISSO Intro
• 1_RMF ISSO Sample Systems

4 Prepare

• Prepare: Tasks
• Prepare: Points of Contact
• Prepare: Minutes, Hardware / Software, Diagrams
• RMF Prepare 101
• Stakeholders POC, Hardware, Software (downloadable)
• NIST SP 800-37 Rev 2, Risk Management Framework for Information Systems and Organizations
• NIST SP 800-37 Rev 1, Guide for Applying the Risk Management Framework to Federal Information Systems
• Security Plan (sample)
• RMF ISSO Preparation
• Resource for RMF Prepare

5 Categorize

• Category: System Description
• Categorize Quiz 1
• Category: Information Type 1: NIST 800-60 Vol 2
• Category: Security Category Determined By Impact Level
• Categorize Quiz 2
• NIST SP 800-60v2r1, Appendices to Guide for Mapping Types of Information and Information
• Systems to Security Categories
• NIST FIPS 199, Standards for Security Categorization of Federal Information and Information Systems
• Category: Security Category High Water Mark
• Categorize Quiz 3
• Concept of Operations Template (downloadable
• Category: System Security Plan
• NIST SP 800-18 r1, Guide for Developing Security Plans for Federal Information Systems
• System Security Plan Excel(downloadable)
• Information System Security Plan Template
• NIST 200, Minimum Security Requirements for Federal Information and Information Systems
• RMF ISSO Categorize

6 Select

• Select: Intro
• Select: Baseline Controls
• Select: Tailor Controls
• Select: Allocation
• Select: Documentation
• Select: Monitoring
• Select: Approval
• NIST SP 800-53 r4, Security and Privacy Controls for Federal Information Systems and Organizations
• NIST SP 800-53 r5 (draft), Security and Privacy Controls for Information Systems and Organizations
• Example of a System that does RMF – eMASS STEP by STEP
• RMF ISSO Selection

7 Implement

• Implement: Work with Subject Matter Experts
• Implement: DIY Implementation
• Implement: Resources
• RMF ISSO Implement

8 Assess

• Assess: Tasks Intro
• Assess: What Happens During Assessments?
• Assess: Resources
• NIST SP 800-53A r4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations
• NIST 800-30 v1, Risk Assessment
• RMF ISSO Assess

9 Authorize

• Authorize
• RMF ISSO Authorize

10 Monitor

• Continuous Monitor
• NIST SP 800-137, Information Security Continuous Monitoring
• RMF ISSO Monitor

11 About me

• About me
• My Resume as a ISSO
• How to Contact Me

12 Case Study: DNC Hack (Large Organization with No RMF)

• Cyberwar Mueller Report Cybersecurity (Part 1)
• Cyberwar Mueller Report Cybersecurity (Part 2)

13 RMF ISSO Interview

• The RMF ISSO Interview

14 RMF ISSO Audio (~6 hours, MP3 Downloadable)

• RMF ISSO Foundations (Audio only)

15 Risk Management vs Risk Assessment

• RMF ISSO 800-30 vs 800-37 (video coming soon)

16 RMF ISSO Book

• RMF ISSO Foundation CONTROLS v8

Please see the full list of alternative group-buy courses available here: https://lunacourse.com/shop/