This course contains a final exam. Students are required to register for the final exam separately in STEPP.

Description: This course introduces the National Industrial Security Program (NISP) Assessment and Authorization (A&A) Process.  The course provides training on the policies and standards used to protect information within computer systems in support of the Defense Security Service's (DSS) mission.  In addition, the course identifies and defines the government and contractor roles and responsibilities.  It also includes the Risk Management Framework as it relates to the A&A Process.

Course Resources: Access this course's resources

Learning Outcomes: This course is designed to enable students to:

  • Define A&A and the purpose of assessing and authorizing contractor information technology systems
  • Identify the legal, regulatory, and contractual requirements that govern the assessment and authorization process
  • Identify and define the government and contractor roles and responsibilities related to the A&A Process
  • Identify and define the components of the Risk Management Process
  • Identify key sources of risk
  • Identify and define security objectives, protection levels, and the need-to-know basis for confidentiality
  • Identify the relationship between system interconnection, information sharing, and securing classified information

Delivery: eLearning

Length: 2 hours

Target Audience: Department of Defense (DoD) information system users and other U.S. Government personnel and contractors within the NISP who have responsibility for evaluating information systems and certifying to the government that information systems meet security requirements

Number of Student per Course: N/A


  • Clearance Requirement: N/A
  • Attendance Requirement: N/A
  • Exam Requirements: Students must earn a 75 percent grade average on the CS150.06 course exam.

Prerequisites: N/A

Credits Recommended/Earned

  • ACE Credit Recommendation: (What's this?) N/A
  • Continuing Education Units per IACET: N/A
  • Professional Development Units per SPeD: N/A

Additional System Requirements: Check if your system is configured appropriately to use STEPP.

CDSE courses are intended for use by Department of Defense and other U.S. Government personnel and contractors within the National Industrial Security Program.