Implementing & Assessing Security Controls
Overview
This 4-day Masterclass combines two critical workshops: Security Controls Implementation (Step 3) and Security Controls Assessment (Step 4). It is the only course of its kind designed to bridge the gap between "building" security and "verifying" it.
Whether you are an ISSO documenting compliance or an SCA testing it, this course provides the deep technical dive required to prove system security in a hostile threat environment.
Course Prerequisite
A strong understanding of RMF is required. We highly recommend completing our RMF in Practice program prior to attending.
Part 1: Implementation (Days 1-2)
Focuses on the practical application of NIST SP 800-53 controls. We move beyond "copy-paste" policy to true system configuration.
- ✓ Project Planning for Controls
- ✓ The Concept of Traceability
- ✓ Holistic Security Implementation
- ✓ Documenting Test Results
- ✓ The Role of STIGs
- ✓ Critical Controls Review
Part 2: Assessment (Days 3-4)
Focuses on the Independent Assessment (SCA) process. Learn to evaluate whether controls are implemented correctly, operating as intended, and producing the desired outcome.
- ✓ Role of the SCA
- ✓ Assessment Criteria & Requirements
- ✓ Managerial Control Reviews
- ✓ Technical Control Reviews
- ✓ Operational Control Reviews
- ✓ Developing the SAR
Who Should Attend?
Open to all, but especially recommended for:
- ISSEs & System Admins: Responsible for "locking down" the system.
- SCAs & Auditors: Responsible for validating the security posture.
- ISSOs: Responsible for documenting the implementation statements.
Delivery Methods
Flexible Registration
Register for the full 4-day series (Recommended) or take individual 2-day workshops.
Private Groups
Available for teams of 8+ students, either on-site or online.
Flexible Scheduling
Contact us for upcoming dates.
Private Groups
Ideal for QA & Engineering teams.