Over the past year, Office of Management and Budget Memorandums (OMB M) have made great strides ratcheting up FISMA requirements, but how do you know what you should be doing?

OMB has formally improved and standardized the Authorization process by:

• Setting the goal to achieve “near-real-time security awareness for all government Information Technology (IT) systems
• Increasing authority for CIO’s (Federal Information Technology (IT) Reform Plan) and OMB M 11-29) and Department Homeland Security (OMB M 10-28)
• Improving FISMA reporting and compliance using CyberScope  (OMB M 10-15) and CyberStats (OMB 2010 Report to Congress)
• Publishing new guidelines on how to do risk management (NIST Special Publication 800-39)
• Establishing continuous monitoring and security product interoperability using SCAP as critical requirements for all IT systems (OMB M 10-15 and DHS 2011 CIO FISMA Reporting Metrics, June 1, 2011).

How do you leverage all of these advances to successfully meet your 2012 FISMA requirements?  This 2-day course explains the specifics of these advances and provides strategies for leveraging them to meet your individual FISMA responsibilities in 2012.

This course will be taught by Certified (ISC)2 Instructor Jim Litchko who has developed and taught DIACAP, CISSP, ISSEP and CAP review courses for over five years.  He also brings real-world practical experience from supporting over 300 FISMA C&A's and continuous monitoring programs for systems in military, public and private sectors.  Using his experience, he will provide practical examples and strategies for solving individual and enterprise IT security solutions for real-world systems.

Guest Speaker

Kelley Dempsey, CISSP, Senior Information Security Specialist, National Institute of Standards and Technology Information Technology Lab/Computer Security Division will discuss NIST strategy and objectives overview for the New 800-39 "Managing Risk for Information Systems: An Organization  Perspective".