RSA Archer Assessment & Authorization for Public Sector

Document created by Elena Komarova Employee on Mar 10, 2017Last modified by Connor Mccarthy on Nov 29, 2017
Version 6Show Document
  • View in full screen mode

ScheduleandRegisterButton

ScheduleOnlyButton

 

 

In order to register for a class, you need to first create an EMC account
If you need further assistance, contact us

 

Summary

This two-day classroom based training offers a look into the automation of Assessment and Authorization (A&A) built to fit your risk and compliance
needs.

 

Overview

This two-day classroom-based training offers a look into the automation of Assessment and Authorization (A&A) built to fit your risk and compliance needs. This course addresses the process of authorizing a new system to operate, and introduces how those systems can be leveraged to provide a high-level look at risk across an organization. The structure and operations of the RSA Archer Public Sector use case, including A&A and Plan of Action and Milestones (POA&Ms), will be explored through lecture and hands-on experience. An introduction to RSA Archer's Continuous Monitoring (CM) solution will also be provided.

 

Audience

RSA Archer users responsible for the procurement, development, integration, modification, or maintenance of an information system and its security posture.

 

Delivery Type

Classroom (delivered live) or Virtual Classroom (live learning delivered remotely)

Learn more about modalities

 

Duration

2 days

 

Prerequisite Knowledge/Skills

Students should have familiarity with navigating RSA Archer, or have completed the RSA Archer Reporting and Navigation course.

 

Learning Objectives

Upon successful completion of this course, participants should be able to:

  • Explain the components of the Public Sector use case
  • Create an Authorization Package
  • Allocate and assess appropriate Controls for an Authorization Package
  • Submit an Authorization Package for ATO Decision
  • Create and Submit a POA&M
  • Review, Approve, and Close a POA&M
  • Create and Submit a Risk Acceptance Request
  • Explain how A&A interacts with CM
  • Identify how data collected within CM is used to gain visibility into risk across the organization

 

Course Outline

  • Course Introduction
    • Expectations for the course
    • Objectives

 

  • Unit 1: Introduction to Public Sector
    • Public Sector components
    • Introduction to the lab environment
    • Explore available dashboards and reports

 

  • Unit 2: Assessment & Authorization
    • Create and categorize an Authorization Package
    • Allocate and tailor appropriate controls
    • Prepare an Authorization Package for control assessment
    • Assess Controls
    • Submit an Authorization Package for ATO decision

 

  • Unit 3: Plan of Action & Milestones
    • Create and submit a POA&M
    • Review, approve, and close a POA&M
    • Create and submit a risk acceptance request

 

  • Unit 4: Introduction to Continuous Monitoring
    • CM components
    • Discuss how A&A interacts with CM
    • Discuss how scanning tools are leveraged by CM to provide an organization-wide look at risk

 

  • Course Summary
    • Customer support options

 

 

 

 

 

ScheduleandRegisterButton

ScheduleOnlyButton

 

 

 

In order to register for a class, you need to first create an EMC account
If you need further assistance, contact us

Attachments

    Outcomes