.jpg?ext=.jpg)
NIST Offers Free Introductory Course on Risk Management Framework
The NIST Risk Management Framework is a valuable tool in the effort to strengthen your company’s cybersecurity. Although it is not tied to a specific certification, learning more about the NIST Risk Management Framework will create a strong foundation on which to build compliance with other cybersecurity standards and rules.
About the Course
The course is a self-guided run-through of a recorded presentation. The entire presentation takes approximately an hour.
The course is detailed, comprehensive, and easy to understand. There are lists throughout of additional resources that can supplement the course, so if there is a concept you want to study in more detail, it will be easy to know where to go next.
Major Concepts of the NIST RMF
The course runs through seven major components of the NIST Risk Management Framework. Those are:
- Prepare: Prepare the organization to deal with potential risks.
- Categorize: Determine how the data in your organization is processed, stored, and transmitted. This exercise will also assist in setting the scope for your NIST SP 800-171r2.
- Select: What controls out of NIST 800-53 will best help protect your organization?
- Implement: How will the controls be executed in the organization?
- Assess: Check to see how the controls are working and see if any changes need to be made.
- Authorize: An official makes the framework official for the organization.
- Monitor: The NIST Risk Management Framework is not a “one and done.” Everything implemented needs to be constantly monitored, especially because the business environment is changing so quickly and so often.
Where to Find the Course
NIST makes this and other courses available here. Again, the courses are completely free. You also do not need to complete the entire course in one sitting. The course will keep your place, so you can return to it as time allows.
If you have questions about your cybersecurity strength, take our cybersecurity self-assessment to see where you stand. If you have other questions please feel free to contact one of our cybersecurity experts.