Description: This course is a continuation of the Introduction to the NISP RMF A&A Process CS150.16. This course identifies in-depth the individual phases of the Defense Security Service’s Assessment and Authorization (A&A) Process that is based upon the Risk Management Framework (RMF) methodology and demonstrates how the RMF is applied within the NISP. It also provides training on the policies and standards used to protect information within information systems. It also identifies key characteristics of common system and network types that undergo the A&A Process and provides guidance on templates and attachments required for a successful system package submission. In addition, this course identifies and defines the Government and contractor roles and responsibilities when participating in the A&A Process.

Course Resources: Access this course's resources

Learning Objectives: This course is designed to enable students to:

  • Apply the A&A process in accordance with the guidance set by the NISP Authorization Office (NAO)
  • Identify the individual phases of the NISP Authorization Office (NAO) A&A Process
  • Identify the contractor and Government-assigned roles and responsibilities in the A&A Process
  • Identify components associated with performance of information system threats/risk assessments
  • Identify methods of system categorization, control selection, implementation, assessment, authorization, and continuous monitoring of security controls
  • Identify key characteristics of common system and network types that undergo the A&A Process
  • Recognize the necessary templates and attachments required for a successful System Security Package submission

Delivery Method: eLearning

Length: 3 hours

Target Audience: Department of Defense (DoD) information system users and other U.S. Government personnel and contractors within the NISP who have responsibility for assessing information systems and authorizing to the Government that information systems meet security requirements

Requirements:

  • General Requirements: N/A
  • Clearance Requirements: N/A
  • Attendance Requirements: N/A
  • Exam Requirements: A passing score of 75% on the final exam allows students to print a certificate of successful completion.

Prerequisites: Introduction to the NISP RMF A&A Process CS150.16

Credits Recommended/Earned:

  • ACE Credit Recommendation: (What's this?) N/A
  • Professional Development Units per SPēD: 9

System Requirements: Check if your system is configured appropriately to use STEPP.

CDSE courses are intended for use by Department of Defense and other U.S. Government personnel and contractors within the National Industrial Security Program.