Implementing the NIST Risk Management Framework (2020)
1h 14mIntermediate2020-10-01
Authors

Ronald Woerner
Professor, Cybersecurity Expert
Course details
Risk management is a key element in any organization's information security and privacy program. The National Institute of Standards and Technology (NIST) provides a Risk Management Framework (RMF) that outlines a process for effectively managing organizational risk. In this course, learn how to implement the NIST RMF to help your organization categorize and effectively manage your security and privacy program throughout the system management lifecycle. Instructor Ronald Woerner provides an in-depth look at each of the seven steps in the NIST RMF process, covering everything from how to prepare for a risk-based approach to security to how to monitor and assess security controls in a system on an ongoing basis. Along the way, he demonstrates how each step is applied in the real world by providing a case study.
Skills covered
Vulnerability ManagementCybersecurityOne-Off
Concepts
0. Introduction
- 01 - Reducing risks using the NIST Risk Management Framework
1. NIST RMF Preparation
- 02 - Preparing for a NIST RMF assessment
- 03 - Case study Introduction
- 04 - Why use a risk-based approach to security
- 05 - Preparing a risk-based approach to security
2. Categorize System
- 06 - How to determine in-scope systems
- 07 - NIST RMF scoping tips, techniques, and perspectives
- 08 - How to inventory critical assets
- 09 - Completing a business impact analysis (BIA)
3. Controls, Selection, and Implementation
- 10 - Comparing common security control frameworks
- 11 - Choosing security frameworks and control levels
- 12 - Applying NIST security controls
4. Assessing Controls
- 13 - Setting NIST RMF assessment goals
- 14 - NIST RMF assessment steps
- 15 - How to analyze NIST RMF assessment results
- 16 - Assessing controls and risk exercise
5. Authorize
- 17 - How officials authorize systems
6. Monitor
- 18 - Setting monitoring goals to meet NIST requirements
- 19 - Examples of monitoring
Conclusion
- 20 - Best practices in implementing the NIST RMF
- 21 - Resources for your NIST RMF journey
Related courses
- Implementing the NIST Risk Management Framework
- Understanding and Implementing the NIST AI Risk Management Framework (RMF)
- AKYLADE Cyber Risk Management Practitioner RMP-001 (A/CRMP) Cert Prep
- The AI Equity Imperative: Building a More Inclusive Future with AI
- Cybersecurity Foundations: Governance, Risk, and Compliance (GRC)
- Implementing the NIST Privacy Framework
- Complete Guide to Enterprise Cyber Defense
- Cyber Asset Management: Securing Digital Resources in the Modern Enterprise
Related learn paths
- Become an IT Security Specialist
- Understanding Generative AI for Tech Leaders
- Cybersecurity Fundamentals
- Advance your Skills as a PHP Developer: Working with Data
- Become a RESTful API Developer
- Getting Started as a Customer Support Specialist
- Prepare for the Google Associate Android Developer Certification
- Prepare for the CompTIA Security+ (SY0-601) Certification Exam