Risk Management Framework (RMF) Select Step CS103.16

Description: This course provides training on selecting, tailoring, and documenting the controls necessary to protect the information system and organization commensurate with risk to organizational operations and assets, individuals, other organizations, and the Nation.  Select Step is part of the RMF course curriculum, which provides training to DOD personnel with assessment and authorization responsibilities to help them prepare the organization to manage its security and privacy risks using the Risk Management Framework.

Course Resources: Access this course's resources

Learning Objectives: 

  • Describe the purpose of the Select Step
  • Identify policies and guidelines for the Select Step
  • Identify tasks, potential inputs, and expected outputs, roles and responsibilities within the Select Step
  • Describe the six tasks and associated inputs, outputs, roles, and responsibilities in the Select Step

Delivery Method: eLearning

Length: 35 minutes

Target Audience: Department of Defense (DOD) information system users and other U.S. government personnel involved with assessment and authorization using the Risk Management Framework.


  • General Requirements: N/A
  • Clearance Requirements: N/A
  • Attendance Requirements: N/A
  • Exam Requirements: Students must earn a 75 percent grade average on course exams and performance exercises.

Prerequisites: N/A

Credits Recommended/Earned:

  • ACE Credit Recommendation: (What's this?): N/A
  • Professional Development Units per SPēD: PDUs are determined by length of course and IAW with current Certification Maintenance Guidelines

System Requirements: Check if your system is configured appropriately to use STEPP.

CDSE courses are intended for use by Department of Defense and other U.S. Government personnel and contractors within the National Industrial Security Program.