RMF for DoD IT Training
The industry-standard course for the Department of Defense.
This intensive four-day program covers the entire RMF lifecycle (Steps 1-6),
transitioning from the theoretical "DoD Instruction 8510.01" to the practical
application of security controls, eMASS workflows, and package authorization.
The four-day RMF (Risk Management Framework) for DoD IT course
provides comprehensive instruction on managing cybersecurity risk for
Department of Defense information systems.
Who Should Attend?
ISSOs & ISSEs
DoD Employees and Contractors who build the ATO package day-to-day.
System Owners
ISOs who are legally responsible for the system's risk and compliance.
Program Managers
Leaders who need to understand RMF timelines and resource requirements.
Course Syllabus
Legal & Regulatory Foundation
Understanding the "Why." We break down FISMA, OMB A-130, and the transition from DIACAP to RMF.
Categorization & Selection
Mastering CNSSI 1253. How to select the right High/Moderate/Low watermarks and effectively tailor controls.
Implementation & Assessment
The heavy lifting. Writing implementation statements that auditors accept. Building the SAP.
Authorization & Monitoring
The package. How to assemble the SAR, RAR, and POA&M. Presenting to the Authorizing Official (AO).
Description
RMF for DoD IT Fundamentals (Day 1)
Day 1 provides an overview of information security and risk management and proceeds to a high-level view of RMF for DoD IT. Discussion is centered on RMF for DoD IT policies, roles and responsibilities, along with key publications from DoD, the National Institute of Standards and Technology (NIST) and the Committee on National Security Systems (CNSS).
The class includes high-level discussion of the RMF for DoD IT “life cycle”, including security authorization (aka. certification and accreditation), along with the RMF documentation package and security controls.
RMF for DoD IT In-Depth (Days 2-4)
The in-depth portion expands on the fundamentals topics at a level of detail that enables practitioners to immediately apply the training to their daily work. Each student will gain an in depth knowledge of the relevant DoD, NIST and CNSS publications along with the practical guidance needed to implement them in the work environment.
- Lifecycle Mastery: Each phase of the seven step RMF life cycle is covered in detail.
- Documentation: Deep dive into each component of the corresponding documentation package.
- Controls & Assessment: NIST Special Publication (SP) 800-53 Security Controls, along with corresponding assessment procedures, are covered in detail, as are CNSS Instruction 1253 “enhancements”.
Individual and group activities are used to reinforce key concepts throughout these sessions.
Registered DoD RMF Practitioner (RDRP)
The US's only assessment focused completely on RMF
Being part of the RDRP registry not only adds resume value, it also shows employers and government officials that registrants have a comprehensive understanding of RMF as it is implemented within the DoD. Registrants are also joining a community that fosters RMF inquiry as well as networking opportunities amongst colleagues.
Certification Roadmap
Attend Training
Attend 4 days or more of RMF for DoD IT training.
Purchase Exam
For a Limited Time Only: Take the Exam for Free! Otherwise:Purchase the exam for a one-time fee of $149.
Pass Competency
Complete the 50-question test with a passing score of 70%.
NCWF Alignment
RDRP maps to a variety of work roles as defined by The National Initiative for Cybersecurity Work Framework (NCWF). The Cyber Training Academy is confident qualifications such as RDRP will become more critical as NCWF is finalized and moved out of draft form.
Cost & Maintenance
The only cost associated with becoming an RDRP is a one-time $149 administration fee. Once an RDRP candidate passes the exam, they will become a lifetime RDRP member. No CEUs are required.
Frequently Asked Questions
Is this updated for RMF 2.0 / NIST Rev 5?
Do I get a certificate?
Registered DoD RMF Practitioner (RDRP)
The Registered DoD RMF Practitioner (RDRP) is the US’s only assessment focused completely on RMF. Being part of the RDRP registry shows employers and government officials that you possess a comprehensive understanding of RMF as it is implemented within the DoD.
Certification Roadmap
Attend Training
Complete this 4-day RMF for DoD IT course.
Buy Exam
Purchase the assessment for a one-time fee of $149.
Get Certified
Pass the 50-question competency test (70% score).
Career Alignment
RDRP maps to a variety of work roles as defined by The National Initiative for Cybersecurity Work Framework (NCWF). As NCWF is finalized across federal agencies, RDRP qualifications are becoming increasingly critical for career development.
Cost & Maintenance
Lifetime Membership. The only cost is a one-time $149 administration fee. Once you pass the exam, you are a member for life. No annual fees. No CEUs required.
Select a Session
February 02, 2026
In-Person: Pensacola, FL
Residence Inn Pensacola Airport
6000 Cobble Creek Rd, Pensacola, FL 32504
February 23, 2026
In-Person: Colorado Springs
Odyssey Systems
565 Space Center Dr, Ste 120, Colorado Springs, CO 80915
Secured by Square