Categorizing Systems and Information within the RMF

The best way to experience our expert and engaging approach is a test drive.

Take this Course for Free

Our Categorizing Systems and Information within the RMF course gives learners an understanding of how to categorize the system and the information using the NIST SP 800-37 Rev. 2 Risk Management Framework. Take the course below to see how our training can boost your organization’s security posture – and touch up your own skills.


This is just one course in our catalog of 230+ computer-based training courses covering the widest range of roles, topics, and subject matter in the industry – not to mention our extensive Learning Path library. Browse through our entire catalog.



Security categorization provides a structured way to determine the criticality and sensitivity of the information being processed, stored, and transmitted by an information system.

As part of this course, learners will understand:

  • Identifying all information types based on the system boundary
  • Categorizing information (processed, stored, or transmitted) by the potential adverse impact that information being compromised as regards confidentiality, integrity, or availability
  • Ensuring the security categorizations are consistent with roles, operating environment, connectivity, and intended use

Training Built to Change Behavior

We designed our interactive courses using proven methodologies so learners can:

  • Experience the results and consequences of their choices in a safe environment
  • Solidify contextual relationships by being shown – not told – what to do
  • Feel like they are in control of the learning experience