Course Description: The objective of this ½ day course is to provide an overview of seven (7) Security & Privacy methodologies and the way in which the accompanying methodology charts can facilitate implementing the Security Requirements imposed on systems by the Office of Management and Budget (OMB), the National Institute of Standards and Technology (NIST) Special Publications, and Federal Information Processing Standards (FIPS) Publications. Understanding these requirements will assist the ISSO, System Owners, Program Managers and Stakeholders with the development of strategies and the application of methodologies that will improve the Availability, Confidentiality, and Integrity of Major Applications and General Support Systems.
This ½ day seminar concentrates on the Agency Program requirements of Section 3544(b) of the Federal Information Security Management Act (FISMA), part of the E-Government Act, as a baseline for understanding the challenges of Certification & Accreditation (C&A), Risk Management and Security Engineering, and for improving FISMA Scorecard results. The instructor will discuss FISMA, Privacy Management, Security Categorization, C&A (NIST SP 800-37), Risk Assessment (NIST SP 800-30), the Security Assessment Report (SAR), and strategies to reduce complexity.
Each attendee will receive an 11x17 chart of the following seven (7) security and privacy methodologies as handout material to facilitate discussions:
- Federal Information Security Management Act (FISMA) Methodology,
- Personally Identifiable Information (PII) Methodology,
- Security Categorization Methodology,
- Security Certification & Accreditation (C&A) Methodology,
- Enterprise Security Program Assessment & Validation Methodology,
- Security Assessment Report Methodology,
- Security Certification and Accreditation Life-Cycle Methodology.
What You Will Learn:
- Working knowledge of the five major sections in the FISMA Legislation
- Specific areas and security controls that will be audited by the OIG, OMB and GAO
- How to apply guidance documentation (NIST, FIPS, and OMB) in developing strategies to achieve compliance within each of the 8 components
- Proven methods and strategies to achieve FISMA compliance on Major Applications and General Support Systems
Audience: CIO, CISO, ISSO, System Owners, Program Managers
Timeline: 4 Hours
Registration Questions and Training Locations:
For questions about registration, scheduling classes, or conducting training at your location, please contact Suzanne Biggs at (202) 596-8245 or by e-mail: suzanne@jdbiggs.com.