{"product_id":"nist-training-assess-manage-risk","title":"NIST Training: Assess \u0026 Manage Risk","description":"\u003cdiv\u003e\n\u003ch3\u003e\u003cstrong\u003eRisk Assessment \u0026amp; Management Training for the US Government\u003c\/strong\u003e\u003c\/h3\u003e\r\n\u003cp\u003eThis NIST (National Institute of Standards and Technology) Cybersecurity Framework training course will teach US (United States) Government cybersecurity staff to protect their organization from unacceptable losses by effectively assessing and managing risk. Through \u003cstrong\u003eNIST training\u003c\/strong\u003e, they will learn how to employ the NIST Cybersecurity Framework defined by The NIST and ensure their organization meets the cyber security laws and regulations imposed on all US Government agencies. \u003c\/p\u003e\r\n\u003cul\u003e\r\n\u003cli\u003eAttendees receive a complete set of course notes and a workbook containing all the course workshops\u003c\/li\u003e\r\n\u003cli\u003eEvery source document used in developing the course may be downloaded from the NIST Website free of charge\u003c\/li\u003e\r\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch3\u003eNIST Training: Assess \u0026amp; Manage Risk Benefits\u003c\/h3\u003e\n\u003cul\u003e\u003cli\u003e\n\u003cp\u003e\u003cstrong\u003eIn this NIST training course, you will learn how to: \u003c\/strong\u003e\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eImplement the NIST Risk Management Framework for assessing and managing your organization's information infrastructure risks. \u003c\/li\u003e\n\u003cli\u003eSelect and implement security controls that satisfy \u003cabbr title=\"Federal Information Security Modernization\"\u003eFISMA\u003c\/abbr\u003e, OMB (Office of Management and Budget), and Department\/Agency requirements. \u003c\/li\u003e\n\u003cli\u003eMaintain an acceptable security posture over the system life cycle. \u003c\/li\u003e\n\u003cli\u003eApply FedRAMP-compliant cloud-based solutions. \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/li\u003e\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\u003ch3\u003eNIST Training Course Outline\u003c\/h3\u003e\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 1: Introduction to Risk Assessment and Management\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eEnsuring compliance with applicable laws, regulations, policies, and directives \u003c\/li\u003e\n\u003cli\u003eProtecting the organization from unacceptable losses \u003c\/li\u003e\n\u003cli\u003eDescribing the NIST RMF (Risk Management Framework) \u003c\/li\u003e\n\u003cli\u003eApplying NIST risk management processes \u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 2: Characterizing System Security Requirements\u003c\/h4\u003e\n\u003cp\u003eDefining the system\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrescribing the system security boundary\u003c\/li\u003e\n\u003cli\u003ePinpointing system interconnections\u003c\/li\u003e\n\u003cli\u003eIncorporating characteristics of ICS (Industrial Control Systems) and \u003cabbr title=\"Federal Risk and Authorization Management Program\"\u003eFedRAMP\u003c\/abbr\u003e-compliant cloud-based systems\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eIdentifying security risk components\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEstimating the impact of compromises to confidentiality, integrity, and availability\u003c\/li\u003e\n\u003cli\u003eAdopting the appropriate model for categorizing system risk\u003c\/li\u003e\n\u003cli\u003eSpecialized considerations for U.S. Government classified information\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eSetting the stage for successful risk management\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eDocumenting critical risk assessment and management decisions in the SSP (System Security Plan)\u003c\/li\u003e\n\u003cli\u003eAppointing qualified individuals to risk governance roles\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 3: Selecting Appropriate Security Controls\u003c\/h4\u003e\n\u003cp\u003eAssigning a security control baseline\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eInvestigating security control families\u003c\/li\u003e\n\u003cli\u003eDetermining the baseline from system security impact\u003c\/li\u003e\n\u003cli\u003eSpecialized considerations for NSS (National Security Systems)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eTailoring the baseline to fit the system\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eExamining the structure of security controls, enhancements, and parameters\u003c\/li\u003e\n\u003cli\u003eBinding control overlays to the selected baseline\u003c\/li\u003e\n\u003cli\u003eGauging the need for enhanced assurance\u003c\/li\u003e\n\u003cli\u003eDistinguishing system-specific, compensating, and non-applicable controls\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 4: Reducing Risk through Effective Control Implementation\u003c\/h4\u003e\n\u003cp\u003eSpecifying the implementation approach\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eMaximizing security effectiveness by \"building in\" security\u003c\/li\u003e\n\u003cli\u003eReducing residual risk in legacy systems via \"bolt-on\" security elements\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eApplying NIST controls\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEnhancing system robustness through selection of evaluated and validated components\u003c\/li\u003e\n\u003cli\u003eCoordinating implementation approaches to administrative, operational, and technical controls\u003c\/li\u003e\n\u003cli\u003eProviding evidence of compliance through supporting artifacts\u003c\/li\u003e\n\u003cli\u003eImplementing CNSSI-1253 for national security systems\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 5: Assessing Compliance Scope and Depth\u003c\/h4\u003e\n\u003cp\u003eDeveloping an assessment plan\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003ePrioritizing depth of control assessment\u003c\/li\u003e\n\u003cli\u003eOptimizing validation through sequencing and consolidation\u003c\/li\u003e\n\u003cli\u003eVerifying compliance through tests, interviews, and examinations\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eFormulating an authorization recommendation\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eEvaluating overall system security risk\u003c\/li\u003e\n\u003cli\u003eMitigating residual risks\u003c\/li\u003e\n\u003cli\u003ePublishing the POA\u0026amp;M (Plan of Action and Milestones), the risk assessment and recommendation\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 6: Authorizing System Operation\u003c\/h4\u003e\n\u003cp\u003eAligning authority and responsibility\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eQuantifying organizational risk tolerance\u003c\/li\u003e\n\u003cli\u003eElevating authorization decisions in high-risk scenarios\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003cp\u003eForming a risk-based decision\u003c\/p\u003e\n\u003cul\u003e\n\u003cli\u003eAppraising system operational impact\u003c\/li\u003e\n\u003cli\u003eWeighing residual risk against operational utility\u003c\/li\u003e\n\u003cli\u003eIssuing ATO (Authority to Operate)\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e\u003cdiv\u003e\n\u003ch4\u003eModule 7: Maintaining Continued Compliance\u003c\/h4\u003e\n\u003cul\u003e\n\u003cli\u003eJustifying continuous reauthorization\u003c\/li\u003e\n\u003cli\u003ePreserving an acceptable security posture\u003c\/li\u003e\n\u003c\/ul\u003e\n\u003c\/div\u003e","brand":"Learning Tree","offers":[{"title":"268A93US \/ 2026-08-18T09:00:00 \/ Herndon, VA","offer_id":47534210089179,"sku":"US-2051-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"267D50US \/ 2026-07-14T09:00:00 \/ Herndon, VA","offer_id":48216549949659,"sku":"US-2051-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"26BC55US \/ 2026-11-17T09:00:00 \/ Herndon, VA","offer_id":48216549982427,"sku":"US-2051-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"271C36US \/ 2027-01-12T09:00:00 \/ Herndon, VA","offer_id":48216550015195,"sku":"US-2051-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"273B88US \/ 2027-03-16T09:00:00 \/ Herndon, VA","offer_id":48377302122715,"sku":"US-2051-IL","price":2512.0,"currency_code":"USD","in_stock":true},{"title":"275C36US \/ 2027-05-18T09:00:00 \/ Herndon, VA","offer_id":48780664864987,"sku":"US-2051-IL","price":2512.0,"currency_code":"USD","in_stock":true}],"url":"https:\/\/learningtreeinternational-dirinfosec-hhs.myshopify.com\/products\/nist-training-assess-manage-risk","provider":"Learning Tree International","version":"1.0","type":"link"}