Cybersecurity Risk Management Framework (CRMF) Training

+ View more

Course overview

Course Overview

Become a Job-Ready Cybersecurity Risk Management Framework Professional (CRMF).

To prevent the $2.1T in projected cyber breaches, employers need Certified Cybersecurity Risk Management Framework Professionals who have demonstrated they can implement the NIST Risk Management Framework and FedRAMP. The NIST Risk Management Framework (RMF) and the Federal Risk and authorization Management Program (FedRAMP) are the standards utilized for on-premises and cloud security risk management in the U.S. today.

Our Cybersecurity Risk Management Framework (RMF) hands-on training will validate your NIST RMF project experience and cybersecurity knowledge to employers and gets you the lucrative job you desire.

At the end of the 16 weeks of training, you will have a firm understanding to demonstrate the specific skills required to implement the Assessment and Authorization (A&A) process by utilizing special publications such as NIST and FIPS standards and guidelines. They will be responsible for maintaining the overall security posture of the information/information system owned by either the government or non-governmental organization. Hence, act as a liaison on the other phases of Risk Management Framework (RMF), Assess Security Controls for Federal Information Systems, Select Security Controls, Implement Security Controls, and perform continuous monitoring of information systems. “Class participation” exercises and collaboration reinforce key concepts.

Who Should Attend?

Those who are Citizens of the United States of America.
Those who are Permanent Resident of the United States of America. A permanent resident can also take this training, but there are fewer jobs posted requiring Permanent Resident compared to jobs requiring US Citizens. However, if a Green Card holder decides to take this training, there will be no guarantee of getting a job in a timely manner as opposed to a Citizen, especially in a federal structure.
Those interested in Federal Risk Management (RMF) Implementation.
Those interested in obtaining the ISC2 Certified Authorization Professional (CAP).

Learning Objectives

Introduction to Cybersecurity and Risk Management Framework
RMF Step 0: Preparation
- RMF Step 0 - Preparation Project Task
RMF Step 1: Categorize Information systems
- RMF Step 1 – Categorization Project Task
RMF Step 2: Select Security Controls
- RMF Step 2 – Select Security Control Project Task
RMF Step 3: Implement Security Controls
- RMF Step 3 – Implement Security Control Project Task
RMF Step 4: Assess Security Controls
- RMF Step 4 – Assess Security Control Project Task
RMF Step 5: Authorized Information Systems
- RMF Step 5 – Authorize Information System Project Task
RMF Step 6: Monitor Security Controls
- RMF Step 6 – Monitor Project Task

Delivery Formats

Classroom, Instructor-Led
Online, Instructor-Led
1-On-1 Training
Self-Paced
Corporate Training

Course Durations

16 Weeks (60 Hours)

Materials Required

Laptop – Student Responsibility
- A laptop is required as each student will be required to perform project tasks and exercises that will guide the students learning process.
The laptop must have Adobe Acrobat Reader and Microsoft Office Suite (Word, Excel, PowerPoint, etc.).

What is included

Industry-Relevant Projects (Gain on the job skills)
Microsoft 365 suite access (Duration of the class)
Adobe Acrobat Pro DC (Duration of the class)
Mentorship Program (Duration of the class)
Interview preparation
Resume Building Support
LinkedIn Profile Development
LinkedIn Networking Tips

Hardware Required

Laptop (Windows PC Preferred)
A good quality headset with microphone is Required.
Access to high-speed internet connection.

Key Features of the Cybersecurity Risk Management Framework Training

100% hands-on projects — no exams
Validation you are NIST RMF/FedRAMP job-ready
NIST RMF/FedRAMP project experience employers seek
Taught by industry experts and designed to meet the ever-evolving cybersecurity industry.

JOBS AFTER THIS CRMF TRAINING

Information System Security Manager (ISSM)
Information System Security Officer (ISSO)
Information Assurance Specialist/Analyst
Cybersecurity Specialist/Analyst
Risk Management Framework Analyst
Assessment & Assessment Analyst
Security Control Assessor

Related Certifications

The course includes notes for students studying to take the ISC2 Certified Authorization Professional (CAP) certification.

This certification is a DoD Approved 8570 Baseline Certification and meets DoD 8140/8570 training requirements.

What will i learn?

You Will Learn How To Develop:
System Security Plan (SSP)
Prepare and develop a Security Assessment Plan (SAP)
Create a Security Assessment Report (SAR)
Develop a Plan of Action and Milestones (POA&M)
Security Control Traceability Matrix (SCTM)
Security Requirement Traceability Matrix (SRTM)
E-Authentication Assessment (e-Auth)
FIPS 199 Security Categorization Document
Technical System Description (TSD) / Detailed Architecture Diagram
Privacy Threshold Analysis (PTA)
Privacy Impact Analysis (PIA)
Interconnection Security Agreement (ISA)
Contingency Plan (CP)
Incident Response Plan (IRP)
Configuration Management Plan (CMP)
Hardware and Software Inventory (HW/SW)
Ports, Protocols, and Service (PPS)
Compile ATO or Security Authorization Package
Communicate effectively in business and professional settings

Requirements

All prerequisites are built into the program

Curriculum for this course

76 Lessons 16:48:29 Hours

Week 0 - TruTek Mandatory Onboarding Action Items

8 Lessons 00:00:00 Hours

CRMF Training Syllabus .

Sign Student Training Agreement .

How to Setup Your TruTek Academy Microsoft Account .

CRMF On-Boarding Checklist .

Create your Outlook Signature .

Microsoft 365 & MS Teams Training .

Download Microsoft Teams on Mobile Phone and Laptop/Desktop .

Send Introduction Email To Classmates .

Week 1

10 Lessons 03:28:40 Hours

RMF Step 0 - Preparation .

RMF Step 1 - Categorize Information System .

RMF Step 0 (Prepare) & RMF Step 1 (Categorize) 0:25:00

Week 1 - Research Assignment .

Assignment 1 .

Assignment 2 .

Watch RMF Step 1 - Practical Implementation Demo Video (Mandatory) .

RMF Step 1 - NIST Publication & FIPS Standard .

RMF Step 0 - Prepare Recording 01:56:31

RMF Step 1 - Categorization Recording 01:07:09

Week 2

7 Lessons 04:04:53 Hours

RMF Step 2 - Select Security Control .

RMF Step 2 - Select Security Control 0:25:00

Week 2 - Research Assignment .

Assignment 3 0:30:00

Watch RMF Step 2 - Practical Implementation Demo Video (Mandatory) .

RMF Step 2 - NIST Publication & FIPS Standard .

RMF Step 2 - Select Security Control Recording 03:09:53

Week 3

6 Lessons 02:27:18 Hours

RMF Step 3 - Implement Security Control .

RMF Step 3 - Implement Security Control 0:25:00

Week 3 - Research Assignment .

Watch RMF Step 3 - Practical Implementation Demo Video (Mandatory) .

RMF Step 3 - NIST Publications .

RMF Step 3 - Implement Security Control Recording 02:02:18

Week 4

6 Lessons 03:27:24 Hours

RMF Step 4 - Assess Security Control .

Recording: RMF Step 4 - Assess Security Control 03:02:24

RMF Step 4 - Assess Security Control 0:25:00

Week 4 - Research Assignment .

Watch RMF Step 4 - Practical Implementation Demo Video (Mandatory) .

RMF Step 4 - NIST Publications .

Week 5

10 Lessons 02:09:34 Hours

RMF Step 5 - Authorize Information System .

RMF Step 6 - Monitor .

RMF Step 5 - Authorize Information System 0:30:00

Recording: RMF Step 1 - 4 Recap 00:20:41

Recording: RMF Step 5 - Authorize Information 00:35:16

Week 5 - Research Assignment .

Watch RMF Step 5 & 6 - Practical Implementation Demo Video (Mandatory) .

Recording: RMF Step 6 - Continuous Monitoring 00:43:37

RMF Step 5 & 6 - NIST Publication .

Information System Security Officer (ISSO) Designation - Complete and Sign .

Week 6

5 Lessons 01:10:40 Hours

Project Phase - RMF Step 1 - Categorize Information System Project Guide .

NIST RMF Step 1 - Categorize FAQs .

Schedule for Interview Prep Session .

Recording: Hands-On Project Discussion - February 25th 2023 01:10:40

Tell Me About Yourself Template .

Week 7

5 Lessons 00:00:00 Hours

Project Phase: RMF Step 2 - Select Security Control Project Guide .

Project Phase - RMF Step 3 - Implement Security Control Project Guide .

NIST RMF Step 2 - Select FAQs .

NIST RMF Step 3 - Implement Security Control FAQs .

Schedule for Interview Prep Session .

Week 8

3 Lessons 00:00:00 Hours

Project Phase - RMF Step 3 - Implement Security Control Project Guide - Cont'd .

NIST RMF Step 3 - Implement Security Control FAQs .

Schedule for Interview Prep Session .

Week 9

5 Lessons 00:00:00 Hours

Project Phase: RMF Step 3 - Implement Security Control Project Guide - Cont'd .

Project Phase: RMF Step 4 - Assess Security Control Project Guide .

NIST RMF Step 3 - Implement Security Control FAQs .

NIST RMF Step 4 - Assess Security Control FAQs .

Schedule for Interview Prep Session .

Week 10

3 Lessons 00:00:00 Hours

Project Phase: RMF Step 4 - Assess Security Control Project Guide - Cont'd .

NIST RMF Step 4 - Assess Security Control FAQs .

Schedule for Interview Prep Session .

Week 11

3 Lessons 00:00:00 Hours

Project Phase: RMF Step 4 - Assess Security Control Project Guide - Cont'd .

NIST RMF Step 4 - Assess Security Control FAQs .

Schedule for Interview Prep Session .

Week 12

5 Lessons 00:00:00 Hours

Project Phase: RMF Step 4 - Assess Security Control Project Guide - Cont'd .

NIST RMF Step 4 - Assess Security Control FAQs .

Project Phase: RMF Step 5 - Authorize Information System Project Guide .

NIST RMF Step 5 - Authorize Information System FAQs .

Schedule for Interview Prep Session .