Course Description: Completing Certification & Accreditation (C&A) activities on Major Applications and General Support Systems in accordance with Federal standards (NIST, FIPS, and OMB) is a time-consuming and resource intensive process. This 1/2 day course examines the four (4) Phases of the C&A process, clarifies Roles and Responsibilities, decomposes Tasks and Activities within each phase, and standardizes the C&A package contents.
The instructor will provide cost-effective methods and strategies to reduce C&A complexities associated with each phase. Proven techniques will be discussion topics on how to increase the Return on Investment (ROI) during Risk Assessments, Security Categorization and the validation of security control implementations.
Each attendee will receive an 11X17 chart of the following six (6) Security & Privacy charts as handout material to facilitate discussions:
-
Personal Identifiable Information (PII) Methodology,
- Security Categorization Methodology,
- Security Certification & Accreditation (C&A) Methodology,
- Enterprise Security Program Assessment & Validation Methodology,
- Security Assessment Report Methodology,
- Security Certification and Accreditation Life-Cycle Methodology.
What You Will Learn:
-
Working knowledge of the Four Phases of C&A: Initiation, Certification, Accreditation and Continuous Monitoring
- When to perform C&A, and how to conduct Privacy Management, Security Categorization, Risk Management, and a Security Assessment
- Effective techniques in generating accurate and complete assessment results
- How to evaluate the Certification Package and Accreditation Package documentation for compliance with Federal Standards
Audience: CIO, CISO, ISSO, Program Managers, Security Professionals
Timeline: 4 Hours
Registration Questions and Training Locations:
For questions about registration, scheduling classes, or conducting training at your location, please contact Suzanne Biggs at 202-596-8245 or by e-mail: suzanne@jdbiggs.com.