Risk Management Framework NIST 800 Step 1 Categorization

  Рет қаралды 47,606

ConvoCourses

ConvoCourses

Күн бұрын

Пікірлер: 17
@ConvoCourses
@ConvoCourses 5 жыл бұрын
Check out the course: www.nist80037rmf.com/rmf-isso-foundations
@axelthedawg9577
@axelthedawg9577 6 жыл бұрын
This is a fantastic summary of RMF and security categorization. Plainly spoken without losing meaningful concepts. Well done Bruce!
@RickKotlarz
@RickKotlarz 7 жыл бұрын
@Gwen - When categorizing the Information System (IS) the focus is on identifying what levels Confidentiality, Integrity and Availability (CIA) are at. An IS can be any combination Low, Moderate or High and is often written with only list the first initial. For example a system with CIA levels of Moderate, Moderate, Moderate would be written as MMM. Another system with Low, Moderate, Low would be written LML. This same method applies to all DoD and Federal Information Systems under RMF. However each DoD and Federal organization can have their own set of "overlays" that apply additional measures for determining the CIA level. For example, there are overlays for PHI, PII, security classification, space and others. Ref. NIST 800-53 Rev 4.
@jbox3532
@jbox3532 7 жыл бұрын
Good stuff. You explained in 10mins what I have been trying to wrap my head around for the last year
@sunshinegyrl411
@sunshinegyrl411 6 жыл бұрын
Thank you for making this so easy to comprehend👏
@MrAnderson610
@MrAnderson610 5 жыл бұрын
Thank you for posting! It is really appreciated!!! Does your course prepare me to sit for the CAP certification? How well does your course prepare me for success in a field of CAP? Thanks in advance!
@MrNATSFAN11
@MrNATSFAN11 5 жыл бұрын
Nice Presentation of this material!!
@njikims1
@njikims1 6 жыл бұрын
Great lecture. Thank you and keep up the good work.
@gwen7479
@gwen7479 8 жыл бұрын
Bruce, thank you for the video. In your case of multiple information types, would it really matter going through the process of figuring out each one if one of your info types was let's say, "high" for integrity? If the concept of High Water Mark is used, wouldn't the system come out as High regardless of how the other ones turned out? Also, are you going to put out a video for how to categorize national security systems? Since the DoD is transitioning to RMF, there’s a lot of confusion out there. Thank you!
@EditaLaurelHRTechnologist
@EditaLaurelHRTechnologist 7 жыл бұрын
Thanks for the video. Very helpful. Do you have more videos of RMF?
@charlyekerum2714
@charlyekerum2714 2 жыл бұрын
Great
@sheikhsa
@sheikhsa 3 жыл бұрын
Missing the privacy component which become a necessary part of every assessment nowadays.
@akinwande7122
@akinwande7122 7 жыл бұрын
Very lucid explanation. Nice.
@mtfr1000
@mtfr1000 7 жыл бұрын
You're a great teacher. I'll pay for some skype call to ask some questions. I'm interviewing and need more knowledge
@mercyhenaku3221
@mercyhenaku3221 5 жыл бұрын
Can you kindly teach on shared Assessment?
@edwardkuwornu598
@edwardkuwornu598 3 жыл бұрын
Opposition
Every ISSO Needs to Know This
34:22
ConvoCourses
Рет қаралды 13 М.
CAN YOU DO THIS ?
00:23
STORROR
Рет қаралды 42 МЛН
Wait for it 😂
00:19
ILYA BORZOV
Рет қаралды 7 МЛН
How it feels when u walk through first class
00:52
Adam W
Рет қаралды 26 МЛН
兔子姐姐最终逃走了吗?#小丑#兔子警官#家庭
00:58
小蚂蚁和小宇宙
Рет қаралды 13 МЛН
The 3 Tasks in the CATEGORIZE Step of the NIST RMF
21:52
Denise Tawwab
Рет қаралды 7 М.
Risk Management Framework NIST SP 800-18 System Security Plan intro
14:49
NIST Risk Management Framework (RMF)/Understanding the RMF Steps
16:38
TighTech Consult
Рет қаралды 27 М.
Mastering Information System Categorization: NIST 800-60 & FIPS 199 Explained
1:48:35
Master Cybersecurity GRC: Free Hands-On Learning
Рет қаралды 1,2 М.
CAN YOU DO THIS ?
00:23
STORROR
Рет қаралды 42 МЛН