Implementing a Security Assessment and Authorization Process

This course teaches you how to approach reviewing the security of systems before introducing them to your environment and how to formally authorize systems. Both are key skills in the National Initiative for Cybersecurity Education framework.

New systems and changes to existing systems are part of any organization. Today, there is heavy emphasis on the security of all major changes to an organization's technology. The National Institute of Cybersecurity Education has a specific requirement for users to learn and understand a formal Security Assessment and Authorization process. In this course, Implementing a Security Assessment and Authorization Process, you'll first learn how to approach formally assessing the security controls of a new system. Next you'll explore the approach taken to formally authorize the system prior to allowing it to become part of your organization's technology. You'll finish the course by learning how to select the correct security testing procedures from a whole library provided by NIST (National Institute for Standards in Technology). Upon completion of this course, you'll be well versed in the knowledge needed to implement and operate a security assessment and authorization process for your organization.

• Course Overview 1min
• Why Care About Security Assessments and Authorization? 25mins
• Learning Assessment Fundamentals 17mins
• Looking at a Typical Assessment Process 15mins
• Comparing Assessment Methods 15mins
• Assessing Controls 35mins
• Conformance Testing 17mins
• Presenting Your Assessment Findings 9mins
• Security Authorization 9mins