Risk Management Framework (RMF) Step 5: Authorizing Systems CS106.16
This course does not have a final exam.
Description: This course covers the roles and responsibilities of key stakeholders as they relate to completing, submitting, and approving system authorization packages. This course explores the authorization process from the perspectives of both the system owner and the Authorizing Official, including development of a Plan of Actions and Milestones (POA&M) and the cognizant acceptance of risk.
Course Resources: N/A
This course enables students to:
- Prepare a POA&M
- Assemble and submit the security authorization package to the Authorizing Official
- Recognize and describe the overall risk based on artifacts submitted
- Define key resources to make a risk acceptance decision
Length: 30 minutes
Target Audience: Department of Defense (DoD) information system users and other U.S. Government personnel and contractors within the National Industrial Security Program
Number of Student per Course: N/A
- Clearance Requirement: N/A
- Attendance Requirement: N/A
- Exam Requirements: N/A
- ACE Credit Recommendation: (What's this?) N/A
- Continuing Education Units per IACET: N/A
- Professional Development Units per SPeD: 1.5
Additional System Requirements: Check if your system is configured appropriately to use STEPP.
CDSE courses are intended for use by Department of Defense and other U.S. Government personnel and contractors within the National Industrial Security Program.