Series 1 — The Law: FISMA Deep Dive | The Law Behind the RMF — FISMA, OMB A-130, and EO 14028 - Cybersecurity Coach

Course Content

Series

0/33

Series 0 — ClearPath Gets the Contract | The Program Manager Walks In: ‘We Got the DoD Contract. Now We Need the ATO.’

Series 1 — The Law: FISMA Deep Dive | The Law Behind the RMF — FISMA, OMB A-130, and EO 14028

Series 2 — Step 0: Prepare | Step 0: Prepare — The Step Everyone Skips and Why That Kills ATOs

Series 3 — Step 1: Categorize | Step 1: Categorize — FIPS 199 + NIST SP 800-60

Self-Practice 1 — NEPMS | Self-Practice 1 — New System FIPS 199 Categorization (EPA/NEPMS)

Series 4 — PTA & PIA | Privacy Threshold Analysis & Privacy Impact Assessment

Self-Practice 2 — FEMS | Self-Practice 2 — System Upgrade Re-Categorization + Significant Change (FEMS)

Case Study 1 — FHIMS | Case Study 1 — Full FIPS 199 Categorization (HHS/FHIMS)

Series 5 — NIST SP 800-53B | NIST SP 800-53B Security & Privacy Control Baselines

Series 6 — NIST SP 800-53 Rev.5 Overview | NIST SP 800-53 Rev.5 — Security & Privacy Controls Overview

Series 7 — Step 2: Select Controls | Step 2: Select Controls — Building ClearPath’s Control Baseline

Series 8 — AC Family SOP Masterclass | Access Control Family — How to Write SOPs from the Actual 800-53 Text

Series 9 — AC Practice | AC Family — You Write the SOPs from Scratch (Student Practice)

Series 10 — AT + AU Families | Awareness & Training + Audit & Accountability SOPs — Build & Practice

Series 11 — Control Status & Responsibility | Control Status & Responsibility Types — Before You Write a Single SSP Statement

Deep Dive — System Security Plan (SSP) | The System Security Plan — Deep Dive (Structure, Writing, and What the AO Reads)

Series 12 — Step 3: Implement Controls | Step 3: Implement Controls — Writing the SSP, Turning Controls Into Reality

Series 13A — SP 800-53A Overview | NIST SP 800-53A — The Assessment Framework (Methods, Objects, Findings)

Deep Dive — Security Assessment Plan (SAP) | The Security Assessment Plan — Deep Dive (Scope, Methods, ROE, Schedule)

Series 13B — How to Conduct an Assessment | How to Conduct a Security Assessment — SP 800-53A Chapter 3 Applied

Deep Dive — Security Assessment Report (SAR) | The Security Assessment Report — Deep Dive (Findings, Ratings, AO Package)

Series 13C — Audit Preparation Room | The Audit Preparation Room — 14 Days to Assessor Arrival

Series 14 — Step 5: Authorize | Step 5: Authorize — Authorization Package, AO Decision, ATO Letter

Series 15 — Step 6: Monitor | Step 6: Monitor — ConMon, Ongoing Authorization, ISCM Dashboard

Series 16 — CUI + SP 800-171 Rev.3 | Controlled Unclassified Information (CUI) + NIST SP 800-171 Rev.3

Series 17 — FedRAMP | FedRAMP — How Cloud Authorization Works and How It Fits the RMF

BETS Capstone — Step 0: Prepare | BETS: ISSO Kickoff Memo, Role Assignment Register, Laws Register, Risk Tolerance Statement

BETS Capstone — Step 1: Categorize | BETS: InfoType SP 800-60 Mapping, FIPS 199 Analysis, Categorization Memo, PTA

BETS Capstone — Step 2: Select | BETS: SP 800-53B HIGH Baseline, Overlay Register, Selection Rationale, SSP Parts I–IV

BETS Capstone — Step 3: Implement | BETS: PAM SOP, VM SOP, SSP Part V Control Statements, Evidence Register

BETS Capstone — Step 4: Assess | BETS: SAP, Assessment Findings Log, SAR, POA&M v1.0

BETS Capstone — Step 5: Authorize | BETS: Authorization Package Checklist, AO Risk Briefing, ATO Letter

BETS Capstone — Step 6: Monitor | BETS: ConMon Plan, KEV Escalation, Change Impact Assessment, Q1 ISCM Report

Capstone

Interactive Hands-On Walkthrough RMF

0% Complete