Learn how to implement the Risk Management Framework through a comprehensive case study and hands on lab-based approach
Introduction Laws, Regulation and Guidance The Joint Task Force Transformation Initiative Key Positions and Roles Transition from the Four-Phase Certification and Accreditation Cycle The RMF Integrated Organization-Wide Risk Management Lab Organization Phase 1: System Categorization Phase 2: Control Selection Phase 3: Control Implementation Phase 4: Control Assessment Phase 5: System Authorization Phase 6: Continuous Monitoring Use of RMF in Other Environments Future Planned Changes Use with Other Compliance Requirements Appendices
James Broad (CISSP, C|EH, CPTS, Security+, MBA) is the President and owner of Cyber-Recon, LLC, where he and his team of consultants specialize in Information Security, Information Assurance, Certification and Accreditation and offer other security consultancy services to corporate and government clients. As a security professional with over 20 years of real-world IT experience, James is an expert in many areas of IT security, specializing in security engineering, penetration testing, vulnerability analysis and research. He has provided security services in the nation's most critical sectors including defense, law enforcement, intelligence, finance and healthcare.
"Writing for technical, administrative, and management professionals within the US government, information security consultant Broad explains the basics of the risk management framework as it pertains to the systems development life cycle of federal information technology systems, and suggests how to use this information during the development, assessment, and continuous monitoring of those systems." --Reference & Research Book News, December 2013