New NIST Special Publication 800-37 Rev 1: Risk Management Framework (Previously Certification and Accreditation) in Government Training Workshop

Workshop Description

Please join your government colleagues for an educational event that will explore Certification and Accreditation (To be called Risk Management Framework) from current best practices through integration into the overall Security Program. Whether you are required to certify and accredit your systems under FISMA or DITSCAP, the information you will learn can be immediately applied within your environment.

You will hear from government and industry leaders who are involved in the Certification and Accreditation process and who will share with you the lessons they have learned along the way. These interactive sessions will also review some of the emerging implications and considerations in the field of Enterprise Wide Information Security.

Hear directly from the National Institute for Standards and Technology about FISMA and the Certification and Accreditation (To be called Risk Management Framework) process; where it began and where we are going. Pose your questions directly to those involved in writing the guidelines mandated by FISMA.

What You Will Learn

Risk Management Framework (Previously Certification & Accreditation) guidance, methodology and requirements
The New NIST Spec Pub 800-53 Revision 3 Controls - In Depth Discussion of that they mean to the Civilian, DoD, and Intel Communities
Scope of verification and validation testing, evaluations, and analysis
How to develop a FISMA-compliant Security Plan
The essential roles and responsibilities for the Risk Management Framework life-cycle
How to form teams to guide and perform Risk Management (previously Certification & Accreditation)
Risk management concepts
The essentials of developing comprehensive security policies, standards, & procedures and other fundamentals of Enterprise Security

Who Should Attend

CIOs, CISOs, CTOs, Deputies, Associates and Staff
Compliance and Enforcement Officers
Security Managers and Staff
Risk Management (previously C&A) Managers and Staff
Executives, Managers, and Staff Responsible for FISMA Compliance
CFO and Staff who are focusing on Certification and Accreditation Issues
IGs and Auditors
Program Managers Developing or Maintaining IT Systems
IT Professionals Interesting in Improving IT Security

Speaker and Presenter Information

Dr. Ron Ross, FISMA Implementation Project Leader NIST Author of NIST SP 800-37 Rev 1and Project Leader, Joint Task Force Transformation Initiative Working Group (Working Group that Developed the Unified Controls within the DoD, Civilian and Intelligence Communities) Dr. Ron Ross is a senior computer scientist and information security researcher at the National Institute of Standards and Technology (NIST). His areas of specialization include security requirements definition, security testing and evaluation, and information assurance. Dr. Ross currently leads the FISMA Implementation Project for NIST, which includes the development of key security standards and guidelines for the federal government and critical information infrastructure. His recent publications include FIPS 199 (the security categorization standard), Special Publication 800-53 (the security controls guideline), and Special Publication 800-37 (the system certification and accreditation guideline) and the new Special Publication 800-37 Revision 1 Final Public Draft Nov 17, 2009 (Risk Management Framework). Dr Special Publication 800. Ross is also the architect of the risk management framework that integrates the suite of NIST security standards and guidelines into a comprehensive enterprise security program. Government CISO Panel Pat Howard Chief Information Security Officer, CISSP Nuclear Regulatory Commission --- Timothy Ruland, CISM, CISSP CISO & Chief IT Security Office US. Census Bureau