JDBiggs & Associates is offering three (3) Security & Privacy Training courses covering the content of our seven (7) methodologies. These courses are designed to make systems and facilities Federal Information Security Management Act (FISMA) compliant. Three (3) course topic areas have been identified, allowing Commercial and Federal Agency resources to select their particular area(s) of interest. All courses have been developed for half-day sessions, and adding courses may extend the training to a full day.
The following three (3) courses are currently being offered:
- Security & Privacy Overview
Introduction to seven Security & Privacy Methodologies: (1) FISMA, (2) Privacy, (3) Security Categorization, (4) A&A, (5) Risk Assessment, (6) SAR, and (7) A&A Life-cycle.
- Risk Management and Continuous Monitoring
Concentration on conducting Risk Assessments, as defined by NIST SP 800-30 and performing Continuous Monitoring, as defined by NIST SP 800-53A.
- Security & Privacy Strategies
This half-day course examines the four (4) Phases of the A&A process, clarifies Roles and Responsibilities, decomposes Tasks and Activities within each phase, and standardizes the A&A package contents.
The three (3) Security & Privacy Training courses are based on the following methodologies:
- Federal Information Security Management Act (FISMA) Methodology
- Personal Identifiable Information (PII) Methodology
- Security Categorization Methodology
- Security Certification & Accreditation (A&A) Methodology
- Enterprise Security Program Assessment & Validation Methodology
- Security Assessment Report Methodology
- Security Certification and Accreditation Life-Cycle Methodology
Each of these methodologies is in graphical (chart) format and can be purchased in print or digital copy. These charts will be provided along with additional handout material for the General Session. Selected charts will be provided during the Risk Management, Continuous Monitoring, and Security & Privacy Strategies courses.
- Improve the Confidentiality, Integrity, and Availability of security controls on Major Applications and General Support Systems
- Provide Education, Training, and Awareness on FISMA, NIST, FIPS & OMB requirements to Security & Privacy Professionals, Contractors and selected Stakeholders
- Train Security Professionals and Contractors on Vulnerability Assessment and Penetration Testing software tools, and Techniques in the Analysis of Generated Reports
- Provide Industry and Government Best Practices in conducting Certification & Accreditation (A&A) and Risk Management, in accordance with Federal Standards (NIST, FIPS & OMB)
- Achieve Annual Security Training Requirements.
- Commercial Organizations
- Federal Agencies
- Operating Units / Administrations
- Chief Information Officers (CIO)
- Chief Security Officers
- Senior Information Technology Security Officers (SITSO)
- Information System Security Officers (ISSO)
- System Owners
- Program Managers and Security Professionals
All course instructors are Industry and Government Subject-Matter Experts in the selected topic material. Instructors possess hands-on experience performing Security Engineering, Systems Integration, Privacy Management, Security Categorization, A&A, as well as Risk Management on Legacy and Modernization Major Applications and General Support Systems. Instructors are degreed professionals with 25+ years of experience and hold industry-recognized certifications: CAP, CISSP, CISA, CISM, and CBCP.