This course contains a final exam. Students must register for the exam separately in STEPP and will receive credit for the course upon receiving a passing score.
Description: This course is a continuation of the Introduction to the NISP RMF A&A Process CS150.16. This course identifies the individual phases of the Defense Counterintelligence and Security Agency's (DCSA) Assessment and Authorization (A&A) process, which is based on the Risk Management Framework (RMF) methodology and demonstrates how the RMF is applied within the National Industrial Security Program (NISP). It also provides training on the policies and standards used to protect information within information systems. It also identifies key characteristics of common system and network types that undergo the A&A process and provides guidance on templates and attachments required for a successful system package submission. In addition, this course identifies and defines the Government and contractor roles and responsibilities when participating in the A&A Process.
Course Resources: Access this course's resources
Learning Objectives: This course is designed to enable students to:
- Apply the A&A process in accordance with the guidance set by the NISP Authorization Office (NAO)
- Identify the individual phases of the NAO A&A process
- Identify the contractor and Government-assigned roles and responsibilities in the A&A process
- Identify components associated with performance of information system threats/risk assessments
- Identify methods of system categorization, control selection, implementation, assessment, authorization, and continuous monitoring of security controls
- Identify key characteristics of common system and network types that undergo the A&A process
- Recognize the necessary templates and attachments required for a successful System Security Package submission
Delivery Method: eLearning
Length: 80 minutes
Target Audience: Department of Defense (DOD) information system users and other U.S. Government personnel and contractors within the NISP who are responsible for assessing information systems and certifying to the Government that those information systems meet security requirements.
- General Requirements: N/A
- Clearance Requirements: N/A
- Attendance Requirements: N/A
- Exam Requirements: Students must earn at least a 75 percent grade average on the CS250.06 course exam.
Prerequisites: Introduction to the NISP RMF A&A Process CS150.16
System Requirements: Check if your system is configured appropriately to use STEPP.
CDSE courses are intended for use by Department of Defense and other U.S. Government personnel and contractors within the National Industrial Security Program.