ENG 353 - Selecting, Implementing and Assessing Controls within the RMF
Selecting the appropriate set of security controls helps to achieve organizational operations and objectives. This course provides learners with an understanding of how to select, implement and assess security controls using the NIST SP 800-37 Rev. 2 Risk Management Framework.
After completing this course you will be able to:
- Select and document the controls necessary to protect the information system and organization commensurate with the risk to the organization
- Implement the controls in the security and privacy plans for the system and organization
- Document the specific details of the control implementation in a baseline configuration
- Assess the controls to determine if the controls are implemented correctly, operating as intended, and producing the desired outcomes with respect to satisfying the security and privacy requirements