Contact: Tyne Rieck
(563)336-3483 tlrieck@eicc.edu

(ISC)² Governance, Risk, and Compliance Certification (CGRC™) Training Boot Camp (previously CAP®)

Learn how to maintain and authorize information systems within the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF). You will leave this boot camp with the knowledge and domain expertise needed to pass the (ISC)² CGRC™ exam, previously known as CAP®.

$3,999.00 (USD)

Outline

  1. Day 1
    1. Risk Management Framework
      1. Understanding the Risk Management Framework
      2. Categorization of information system
      3. Selection of security controls
      4. Security control implementation
      5. Security control assessment
      6. Information system authorization
      7. Monitoring of security controls
    2. Risk Management Framework Processes
  2. Day 2
    1. Categorize Information Systems
      1. Information system
      2. System security plan
      3. Categorize a system
      4. National security system
      5. Privacy activities
      6. System boundaries
      7. Register system
    2. Select Security Controls
      1. Establish the security control baseline
      2. Common controls and security controls inheritance
      3. Risk assessment as part of the Risk Management Framework (RMF)
  3. Day 3
    1. Implement Security Controls
      1. Implement selected security controls
      2. Tailoring of security controls
      3. Document security control implementation
    2. Assess Security Controls
      1. Prepare for security control assessment
      2. Establish security control assessment plan (SAP)
      3. Determine security control effectiveness and perform testing
      4. Develop initial security assessment report (SAR)
      5. Perform initial remediation actions
      6. Develop final security assessment report and addendum
    3. Authorize Information Systems
      1. Develop plan of action and milestones (POAM)
      2. Assemble security authorization package
      3. Determine risk
      4. Determine the acceptability of risk
      5. Obtain security authorization decision
    4. Monitor Security State
      1. Determine security impact of changes to system and environment
      2. Perform ongoing security control assessments
      3. Conduct ongoing remediation actions
      4. Update key documentation
      5. Perform periodic security status reporting
      6. Perform ongoing risk determination and acceptance
      7. Decommission and remove system

You've got questions.
We're here to help.

Our highly knowledgeable Enrollment Specialists will answer any questions you might have about the course and payment options.

Eastern Iowa Community College District

Business & Industry Center
Davenport, IA 52801 US

Copyright © 1997 - 2023 All rights reserved. The material on this site cannot be reproduced or redistributed unless you have obtained prior written permission from Cengage Learning. Privacy Policy