When will I have access to the lectures and assignments?

To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

What will I get if I subscribe to this Specialization?

When you enroll in the course, you get access to all of the courses in the Specialization, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.

Is financial aid available?

Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.

NIST DoD RMF

4 days left! Save on skills that make you shine with 40% off 3 months of Coursera Plus. Save now

NIST DoD RMF

This course is part of Cybersecurity Risk Management Framework Specialization

Instructor: Ross Casanova

4,338 already enrolled

Included with

Learn more

5 modules

Gain insight into a topic and learn the fundamentals.

54 reviews

6 hours to complete

Flexible schedule

Learn at your own pace

5 modules

Gain insight into a topic and learn the fundamentals.

54 reviews

6 hours to complete

Flexible schedule

Learn at your own pace

Skills you'll gain

Details to know

Shareable certificate

Add to your LinkedIn profile

Assessments

1 assignment

Taught in English

91% of learners achieved a positive career outcome

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

Build your subject-matter expertise

This course is part of the Cybersecurity Risk Management Framework Specialization

When you enroll in this course, you'll also be enrolled in this Specialization.

Learn new concepts from industry experts
Gain a foundational understanding of a subject or tool
Develop job-relevant skills with hands-on projects
Earn a shareable career certificate

There are 5 modules in this course

The Risk Management Framework (RMF) provides a disciplined, structured and flexible process for managing security and privacy risk. It includes information security categorization; control selection, implementation and assessment; system and common control authorizations; and continuous monitoring. It includes activities to prepare organizations to execute the framework at appropriate risk management levels. This learning path explains the RMF steps and its processes (aka tasks) which link essential risk management processes at the system level to risk management processes at the organization level. This learning path explains the Risk Management Framework (RMF) and its processes and provides guidance for applying the RMF to information systems and organizations.

Module details

This course provides an introduction to the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) Skills course. In this course, we will teach you how to employ the Risk Management Framework to better manage and reduce cybersecurity risks. In this module, we provide a brief overview, and then detail the involvement of some regulatory organizations in the development and execution of the NIST RMF. We specifically discuss executive orders, NIST, the Office of Management and Budget, the Committee on National Security Systems and more.

What's included

2 videos

In this module, we explain some of the laws, policies and regulations which mandate the implementation of the NIST RMF and govern the execution of the NIST RMF. This module discusses the Privacy Act, the Computer Fraud and Abuse Act, the USA PATRIOT Act and more.

What's included

1 video

In this module, we describe the basic concepts associated with managing information system-related security and privacy risk in organizations. Managing information system-related security and privacy risk is a complex undertaking that requires the involvement of the entire organization. Risk management is a holistic activity that affects every aspect of the organization and cannot be made in isolation. This module discusses risk, the system development life cycle, key roles and more.

What's included

4 videos

In this module, we discuss the NIST RMF steps. describes the RMF and provides guidelines for applying it to information systems and organizations. We discuss the RMF structured and flexible process for managing security and privacy risk, as well as RMF activities to prepare organizations to execute the framework at appropriate risk management levels.

What's included

7 videos

In this module, we review the six RMF steps: Categorize/Identify; Select; Implement; Assess; Authorize; and Monitor and provide an assessment to gauge your understanding of the course. In addition, there is a project in which you will review the categorization process by completing the NIST 800-60v1 categorization worksheet. You will then transfer the information over to the FIPS 199 Categorization Form and look at the six RMF steps.

What's included

2 videos5 readings1 assignment

2 videosTotal 25 minutes

Risk Management Framework Review5 minutes
Walkthrough Exercise20 minutes

5 readingsTotal 50 minutes

Exercise Challenge Questions10 minutes
Exercise Challenge Answers10 minutes
FIPS_199_Template_050212_508_110 minutes
NIST SP 800-60v1r1_Guide for Mapping Types of Information and Information Systems to Security Categories10 minutes
NIST SP 800-60v2r1- VOL 2_ Guide for Mapping Types of Information and Information Systems to Security Categories10 minutes