The Risk Management Framework (RMF) provides a disciplined, structured and flexible process for managing security and privacy risk. It includes information security categorization; control selection, implementation and assessment; system and common control authorizations; and continuous monitoring. It includes activities to prepare organizations to execute the framework at appropriate risk management levels. This learning path explains the RMF steps and its processes (aka tasks) which link essential risk management processes at the system level to risk management processes at the organization level. This learning path explains the Risk Management Framework (RMF) and its processes and provides guidance for applying the RMF to information systems and organizations.
NIST DoD RMF
This course is part of Cybersecurity Risk Management Framework Specialization
Instructor: Ross Casanova
2,623 already enrolled
Included with
(35 reviews)
Details to know
Add to your LinkedIn profile
1 assignment
See how employees at top companies are mastering in-demand skills
Build your subject-matter expertise
- Learn new concepts from industry experts
- Gain a foundational understanding of a subject or tool
- Develop job-relevant skills with hands-on projects
- Earn a shareable career certificate
Earn a career certificate
Add this credential to your LinkedIn profile, resume, or CV
Share it on social media and in your performance review
There are 5 modules in this course
This course provides an introduction to the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) Skills course. In this course, we will teach you how to employ the Risk Management Framework to better manage and reduce cybersecurity risks. In this module, we provide a brief overview, and then detail the involvement of some regulatory organizations in the development and execution of the NIST RMF. We specifically discuss executive orders, NIST, the Office of Management and Budget, the Committee on National Security Systems and more.
What's included
2 videos
In this module, we explain some of the laws, policies and regulations which mandate the implementation of the NIST RMF and govern the execution of the NIST RMF. This module discusses the Privacy Act, the Computer Fraud and Abuse Act, the USA PATRIOT Act and more.
What's included
1 video
In this module, we describe the basic concepts associated with managing information system-related security and privacy risk in organizations. Managing information system-related security and privacy risk is a complex undertaking that requires the involvement of the entire organization. Risk management is a holistic activity that affects every aspect of the organization and cannot be made in isolation. This module discusses risk, the system development life cycle, key roles and more.
What's included
4 videos
In this module, we discuss the NIST RMF steps. describes the RMF and provides guidelines for applying it to information systems and organizations. We discuss the RMF structured and flexible process for managing security and privacy risk, as well as RMF activities to prepare organizations to execute the framework at appropriate risk management levels.
What's included
7 videos
In this module, we review the six RMF steps: Categorize/Identify; Select; Implement; Assess; Authorize; and Monitor and provide an assessment to gauge your understanding of the course. In addition, there is a project in which you will review the categorization process by completing the NIST 800-60v1 categorization worksheet. You will then transfer the information over to the FIPS 199 Categorization Form and look at the six RMF steps.
What's included
2 videos5 readings1 assignment
Instructor
Offered by
Recommended if you're interested in Security
Why people choose Coursera for their career
New to Security? Start here.
Open new doors with Coursera Plus
Unlimited access to 7,000+ world-class courses, hands-on projects, and job-ready certificate programs - all included in your subscription
Advance your career with an online degree
Earn a degree from world-class universities - 100% online
Join over 3,400 global companies that choose Coursera for Business
Upskill your employees to excel in the digital economy
Frequently asked questions
Access to lectures and assignments depends on your type of enrollment. If you take a course in audit mode, you will be able to see most course materials for free. To access graded assignments and to earn a Certificate, you will need to purchase the Certificate experience, during or after your audit. If you don't see the audit option:
The course may not offer an audit option. You can try a Free Trial instead, or apply for Financial Aid.
The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.
When you enroll in the course, you get access to all of the courses in the Specialization, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile. If you only want to read and view the course content, you can audit the course for free.
If you subscribed, you get a 7-day free trial during which you can cancel at no penalty. After that, we don’t give refunds, but you can cancel your subscription at any time. See our full refund policy.