RMF Information Security Continuous Monitoring Training

Course Duration

1 Day

Audience

Employees of federal, state and local governments; and businesses working with the government.

Prerequisites

A prerequisite to this course is a strong understanding of RMF, and it is highly recommended students complete the 4-day RMF training program prior to registration.

Course Description

This course covers the principles and practices of Information Security Continuous Monitoring (ISCM) as defined by NIST and required under the RMF. Students learn how to develop and implement an ISCM strategy, define metrics and monitoring frequencies, analyze security data, and maintain ongoing situational awareness of an organization's security posture.

Course Outline

Course Topics

• Define Strategy: Setting risk tolerance and monitoring frequencies.
• Establish Program: Roles, responsibilities, and resource allocation.
• Implement: Deploying sensors and collecting security data.
• Analyze & Report: Turning raw data into actionable risk intelligence.
• Respond: Mitigation strategies for findings and POA&M updates.
• Review & Update: Maturing the ISCM strategy over time.