Home - Training

New NIST Essentials and Security Controls In-Depth – 6 Days

This course is a combination of the New NIST Essentials and Security Controls In-Depth courses. We offer this course in the SecureInfo training classroom or via mobile training at your facility for up to 20 students per course. Contact us at training@secureinfo.com or (210) 403-5600 (ask for training) for more information and pricing on mobile training options.

In the spirit of continuing the rapid convergence, NIST, ODNI, DOD, and CNSS initiated an interagency working group in March 2008 to develop a common security authorization process for federal information systems. The new security authorization process changes the traditional focus from the stove-pipe, organization-centric, static-based approaches to C&A and provides the capability to more effectively manage information system-related security risks in highly dynamic environments of complex and sophisticated cyber threats, ever increasing system vulnerabilities, and rapidly changing missions. The process, designed to be tightly integrated into enterprise architectures and ongoing system development life cycle processes, promotes the concept of near real-time risk management, capitalizes on current and previous investments in technology including automated support tools, and takes advantage of over three decades of lessons learned in previous C&A approaches.

The ultimate objective is to be able to provide the right information to senior leaders so they can explicitly manage the security risks to organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, and the Nation arising from the operation and use of information systems.

This new NIST Security Authorization Process which is a new and more efficient way of performing the NIST 800-37 process and our 3-day New NIST Essentials course is a blend of lecture and hands-on exercises to introduce the student to the new Security Authorization Process.

Duration
6 days

Cost of Course: $2700

Laptop Required
Laptops are required for this course, as each student will be asked to create documentation and participate in practical exercises that guide the students learning from Security Authorization Process essentials, fundamental concepts, and Security Authorization Phases to the details of selecting, specifying, implementing, and assessing the security controls. The laptop must have a Web browser, Adobe Acrobat Reader, Excel, and Word. Resource Kits are provided via Thumb Drives for students attending the course, for in-class work, as well as supplemental materials.

Who Should Attend?
This course is intended to serve a diverse group of information system and information security professionals in and supporting the federal government including:

  • Individuals with information system development and integration responsibilities (e.g., program managers, information technology product developers, information system developers, systems integrators)
  • Individuals with information system and security management and oversight responsibilities (e.g., authorizing officials, chief information officers, senior agency information security officers, information system managers, information security managers)
  • Individuals with information system and security control assessment and monitoring responsibilities (e.g., system evaluators, assessors/assessment teams, independent verification and validation assessors, auditors, Inspectors General, or information system owners)
  • Individuals with information security implementation and operational responsibilities (e.g., information system owners, common control providers, information owners/stewards, mission/business owners, information system security engineers/officers).

Register Now

Questions about our corporate training may be directed to training@secureinfo.com, or call 888.677.9351.

Ask about our mobile training capability--it saves you money!