Risk Management Framework (RMF) Assess Step CS105.16

Description: This course covers the procedures for assessing security controls to ensure they are implemented correctly, operate as intended, and successfully meet the security requirements for the information system. Students will learn how to create a security assessment plan and remediate any remaining deficiencies. Assess Step is part of the RMF course curriculum, which provides training to DOD personnel with assessment and authorization responsibilities to help them prepare the organization to manage its security and privacy risks using the Risk Management Framework.

Course Resources: Access this course's resources

Learning Objectives: 

  • Define the purpose of the Assess Step
  • Identify policies and guidelines for the Assess Step
  • Identify the six tasks and associated inputs, outputs, roles and responsibilities in the Assess Step
  • List the six tasks and associated inputs, outputs, roles and responsibilities in the Assess Step

Delivery Method: eLearning

Length: 45 minutes

Target Audience: Department of Defense (DOD) information system users and other U.S. government personnel involved with assessment and authorization using the Risk Management Framework.


  • General Requirements: N/A
  • Clearance Requirements: N/A
  • Attendance Requirements: N/A
  • Exam Requirements: Students must earn a 75 percent grade average on course exams and performance exercises.

Prerequisites: N/A

Credits Recommended/Earned:

  • ACE Credit Recommendation: (What's this?): N/A
  • Professional Development Units per SPēD: PDUs are determined by length of course and IAW with current Certification Maintenance Guidelines

System Requirements: Check if your system is configured appropriately to use STEPP.

CDSE courses are intended for use by Department of Defense and other U.S. Government personnel and contractors within the National Industrial Security Program.