This course contains a final exam. Students must register for the exam separately in STEPP and will receive credit for the course upon receiving a passing score.

Description: This course is a continuation of the Introduction to the NISP RMF A&A Process CS150.16. This course identifies the individual phases of the Defense Counterintelligence and Security Agency's (DCSA) Assessment and Authorization (A&A) process, which is based on the Risk Management Framework (RMF) methodology and demonstrates how the RMF is applied within the National Industrial Security Program (NISP). It also provides training on the policies and standards used to protect information within information systems. It also identifies key characteristics of common system and network types that undergo the A&A process and provides guidance on templates and attachments required for a successful system package submission. In addition, this course identifies and defines the Government and contractor roles and responsibilities when participating in the A&A Process.

Course Resources: Access this course's resources

Learning Objectives: This course is designed to enable students to:

• Apply the A&A process in accordance with the guidance set by the NISP Authorization Office (NAO)
• Identify the individual phases of the NAO A&A process
• Identify the contractor and Government-assigned roles and responsibilities in the A&A process
• Identify components associated with performance of information system threats/risk assessments
• Identify methods of system categorization, control selection, implementation, assessment, authorization, and continuous monitoring of security controls
• Identify key characteristics of common system and network types that undergo the A&A process
• Recognize the necessary templates and attachments required for a successful System Security Package submission

Delivery Method: eLearning

Length: 80 minutes

Target Audience: Department of Defense (DOD) information system users and other U.S. Government personnel and contractors within the NISP who are responsible for assessing information systems and certifying to the Government that those information systems meet security requirements.

Requirements:

• General Requirements: N/A
• Clearance Requirements: N/A
• Attendance Requirements: N/A
• Exam Requirements: Students must earn at least a 75 percent grade average on the CS250.06 course exam.

Prerequisites: Introduction to the NISP RMF A&A Process CS150.16

Credits Recommended/Earned:

• ACE Credit Recommendation: (What's this?): N/A
• Professional Development Units per SPēD: PDUs are determined by length of course and IAW with current Certification Maintenance Guidelines
• Continuing Education Units (CEUs): Contact CompTIA to find out about CEUs for this course.

System Requirements: Check if your system is configured appropriately to use STEPP.

CDSE courses are intended for use by Department of Defense and other U.S. Government personnel and contractors within the National Industrial Security Program.