Risk Management Framework

  • Overview
  • Course Content

Risk Management Framework

Course Description

The National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) provides a mechanism to inform risk decisions and improve cybersecurity. As federal government and private industry transition to RMF, a broad understanding of the entire process eases adoption challenges. Informative lectures provide in-depth knowledge concerning risk-management concepts, policies, and roles defined by relevant Department of Defense (DoD), NIST, and Committee on National Security Systems publications. The seven-step life cycle process is explored through presentations and hands-on exercises as attendees learn the steps involved to prepare for RMF, categorize information systems, select security controls, implement controls, assess controls, authorize information systems, and monitor the security controls.

Course Content


  • Key definitions    
  • Policy documents    
  • Overview of RMF process    


  • Identify RMF roles    
  • Understand responsibilities for each role    


  • Categorize    
  • Select     
  • Implement    
  • Assess    
  • Authorize    
  • Monitor    


  • NIST 800-53 control families    
  • Understanding how controls reduce risk    
  • Examine documents used to track controls    

Session Details

  • Special Discounts: Georgia Tech Research Institute (GTRI) employees are eligible to receive a discount.  If you are a GTRI employee, please go to the Organizational Development website and look for the coupon code under GT Professional Development. Review coupon instructions for more information.

Who Should Attend

This course is designed for Department of Defense (DoD) employees, contractors, program managers, risk professionals, IT managers, and private industry practitioners who wish to understand the RMF.

Coding boot camp professional working on laptop

What You Will Learn

  • RMF overview
  • Roles and responsibilities
  • Tasks of the RMF seven-step process
  • Types of documentation included in RMF packages
  • Security control families
Cybersecurity professional working on computer

How You Will Benefit

  • Understand the seven-step risk management framework (RMF).
  • Apply DoD and federal guidance to RMF processes.
  • Practice performing the RMF steps through hands-on exercises and discussions.
  • Explore common vulnerabilities.
  • Unpack the NIST 800-53 control families.
  • Taught by Experts in the Field icon
    Taught by Experts in the Field
  • Grow Your Professional Network icon
    Grow Your Professional Network

The course schedule was well-structured with a mix of lectures, class discussions, and hands-on exercises led by knowledgeable and engaging instructors.

- Abe Kani


We enable employers to provide specialized, on-location training on their own timetables. Our world-renowned experts can create unique content that meets your employees' specific needs. We also have the ability to deliver courses via web conferencing or on-demand online videos. For 15 or more students, it is more cost-effective for us to come to you.

  • Save Money
  • Flexible Schedule
  • Group Training
  • Customize Content
  • On-Site Training
  • Earn a Certificate
Learn More

Want to learn more about this course?