Special offers now — see discounted courses.
day
:
hour
:
min
:
sec
See special offers
Implementing the NIST Risk Management Framework

Implementing the NIST Risk Management Framework

1h 42mIntermediate2024-10-28

Authors

Ronald Woerner

Ronald Woerner

Professor, Cybersecurity Expert

Course details

As the industry standard, the U.S. National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) process provides a simple way for organizations to categorize and effectively manage their security and privacy programs throughout the system management lifecycle. In this course, Ron Woerner—a noted speaker and writer in the security industry—shows you how organizations of all types and sizes can manage their security and privacy risks. Learn about each step in detail, go over a sample case study, and consider how to practice implementation in your own organization. Explore challenges and solutions to gain real-world experience with the process. Plus, gain hands-on experience with the related NIST Special Publications. By the end of this course, you will be well-versed in the NIST RMF, how to implement it, and how to manage each step for your own organization.

Learning objectives
Assess techniques for implementing the NIST Risk Management Framework in various organizational contexts.
Adapt methods for identifying, managing, and mitigating compliance risks for a sample or real-world organization, considering its specific requirements and constraints.
Interpret case studies showcasing how sample organizations successfully solved common security problems by applying the NIST Risk Management Framework.
Evaluate relevant publications, procedures, and tools for effectively implementing the NIST Risk Management Framework's Seven Steps within an organization.
Choose and recommend best practices for conducting comprehensive NIST Risk Management Framework assessments tailored to organizations of diverse sizes, structures, and industry sectors.

Skills covered

Vulnerability ManagementGovernance, Risk, and ComplianceCybersecurityOne-Off

Concepts

0. Introduction

  • 01 - Managing risks using a standard framework

1. NIST RMF Preparation

  • 02 - Preparing for a NIST Risk Management Framework (RMF) assessment
  • 03 - Taking a risk-based approach for security
  • 04 - NIST RMF Prepare step
  • 05 - NIST RMF Resources

2. Categorizing Systems

  • 06 - Determining in-scope systems
  • 07 - Identifying and inventorying information systems and data
  • 08 - System Categorization Process
  • 09 - Using a Business Impact Assessment for system categorization
  • 10 - Categorization terms and resources

3. Control Selection and Implementation

  • 11 - Selecting security and privacy controls
  • 12 - Security controls
  • 13 - Security control baselines
  • 14 - Security control implementation

4. Assessing Controls

  • 15 - Establishing NIST RMF assessment goals
  • 16 - NIST RMF assessment steps
  • 17 - Documenting risk assessment results

5. Authorizing Systems

  • 18 - Authorize - Risk analysis
  • 19 - NIST Authorization process

6. Monitor

  • 20 - Establishing monitoring goals
  • 21 - Scenario - Continuous monitoring examples
  • 22 - Continuous monitoring strategy

Conclusion

  • 23 - Best practices in implementing the NIST RMF

Related courses

Related learn paths

About us

LyndaKade is a leading learning platform that helps people learn business, software, technology, and creative skills to achieve personal and professional goals.

Phone numberAparat ChannelTelegram SupportTelegram ChannelInstagram Page

All rights to this site belong to LyndaKade.

Terms of Service|Privacy Policy

نماد الکترونیک enamad در صورت اتصال با آی‌پی داخل کشور، نمایش داده خواهد شد.
logo-samandehi - لوگو ساماندهی
zarinpal
zibal