Applying Assessment & Authorization (A&A) in the National Industrial Security Program (NISP) CS250.16
This course contains a final exam. Students are required to register for the final exam separately in STEPP.
Description: This course is a continuation of the Introduction to the NISP RMF A&A Process Course (CS150.16). This course identifies in-depth the individual phases of the Defense Security Service’s Assessment and Authorization (A&A) Process that is based upon the Risk Management Framework (RMF) methodology and demonstrates how the RMF is applied within the NISP. It also provides training on the policies and standards used to protect information within information systems. It also identifies key characteristics of common system and network types that undergo the A&A Process and provides guidance on templates and attachments required for a successful system package submission. In addition, this course identifies and defines the Government and contractor roles and responsibilities when participating in the A&A Process.
Course Resources: Access this course's resources
Learning Outcomes: This course is designed to enable students to:
- Apply the A&A process in accordance with the guidance set by the NISP Authorization Office (NAO)
- Identify the individual phases of the NISP Authorization Office (NAO) A&A Process
- Identify the contractor and Government-assigned roles and responsibilities in the A&A Process
- Identify components associated with performance of information system threats/risk assessments
- Identify methods of system categorization, control selection, implementation, assessment, authorization, and continuous monitoring of security controls
- Identify key characteristics of common system and network types that undergo the A&A Process
- Recognize the necessary templates and attachments required for a successful System Security Package submission
Length: 3 hours
Target Audience: Department of Defense (DoD) information system users and other U.S. Government personnel and contractors within the NISP who have responsibility for assessing information systems and authorizing to the Government that information systems meet security requirements
Number of Student per Course: N/A
- Clearance Requirement: N/A
- Attendance Requirement: N/A
- Exam Requirements:Students must earn a 75 percent grade average on the CS250.06 course exam.
Prerequisites: Introduction to the NISP RMF A&A Process Course (CS150.16)
- ACE Credit Recommendation: (What's this?) N/A
- Continuing Education Units per IACET: N/A
- Professional Development Units per SPeD: 9
Additional System Requirements: Check if your system is configured appropriately to use STEPP.
CDSE courses are intended for use by Department of Defense and other U.S. Government personnel and contractors within the National Industrial Security Program.