FISMA 101
Enterprise Risk Management
Certificate Program
Provided by FISMA Center
2 Day Course / 6 CPE Credits Per Day
Learn FISMA Certification & Accreditation concepts from top practitioners in the field. The course emphasizes security Certification & Accreditation (C&A) concepts so that they can be applied to any security C&A methodology: NIST, DIACAP, NIACAP, DCID 6/3, ICD 503, or NISCAP. This course is not a comparison between the different C&A methodologies. Instead, it teaches general concepts to build the broad knowledge base needed to position your career for a move into any type of C&A project.
The first two days of the course present an overview of FISMA compliance requirements and discuss what documentation is needed and what types of information to include in each document. FISMA 101 is an introductory course. Students should have a basic understanding of information security principles, concepts, and technologies. Although anyone performing security audits can benefit from this course, it is of particular use to U.S. federal agencies that must comply with the Federal Information Security Management Act of 2002 (FISMA).
Related Awards, Degrees or Certifications: Certified FISMA Compliance Practitioner (CFCP)
FISMA 101
Day 1:
Explanation of FISMA Certification and Accreditation terminology;
Types of C&A;
Understanding the C&A process;
Establishing a C&A program;
C&A Project Management;
Preparing the Hardware and Software Inventory;
Determining the C&A Level;
Lab 1: Determine the C&A Level;
Security Awareness & Training;
Creating End-User Rules of Behavior;
Incident Response
Day 2:
Performing the Security Tests & Evaluation;
Conducting a Privacy Impact Assessment;
Performing a Business Risk Assessment;
Preparing a Business Impact Assessment;
Developing an IT Contingency Plan;
Performing a System Risk Assessment;
Developing a Configuration Management Plan;
Developing a System Security Plan;
Lab 2: Diagramming the Network;
Submitting the Certification Package;
Evaluating the Certification Package;
Addressing C&A Findings
About The Training Provider: FISMA Center
FISMA Center - The FISMA Center provides information, resources and training to assist U.S. federal agencies in complying with the Federal Information Security Management Act of 2002.
TRAINING:
The FISMA Center offers FISMA training periodically throughout the year. We can also come to your site to train your staff at your location. Registration typically opens approximately two months prior to a...
