NIST has released an updated Risk Management Framework for Systems and Organizations Introductory Course to reflect guidance from NIST Special Publication (SP) 800-37, Revision 2. The RMF was developed by NIST to help organizations manage information security and privacy risks to and from Information Technology (IT) systems more easily, efficiently and effectively.
This three hour online course provides individuals new to risk management an overview of a flexible methodology for organizational and system risk, the Risk Management Framework (RMF). For individuals with experience with NIST SP 800-37, Revision 1, this course explains updates to the RMF in Revision 2, including the integration of privacy and supply chain risk management into this holistic process.
The RMF Introductory Course describes at a high-level the importance of establishing an organization-wide risk management program, the information security legislation related to organizational risk management, the steps in the RMF, and the NIST publications related to each step. The course can be launched through your internet browser and upon completion, individuals may print a certificate of completion. The training is also available for organizations who wish to include it as a module in their Learning Management Systems (LMS) in the following LMS standards: SCORM, AICC, xAPI, and cmi5.
Please contact email@example.com with questions or comments.
RMF Online Training Link: https://csrc.nist.gov/Projects/risk-management/rmf-training