This two-day classroom-based training offers a look into the automation of Assessment and Authorization (A&A) built to fit your risk and compliance needs. This course addresses the process of authorizing a new system to operate, and introduces how those systems can be leveraged to provide a high-level look at risk across an organization. The structure and operations of the RSA Archer Public Sector use case, including A&A and Plan of Action and Milestones (POA&Ms), will be explored through lecture and hands-on experience. An introduction to RSA Archer's Continuous Monitoring (CM) solution will also be provided.
RSA Archer users responsible for the procurement, development, integration, modification, or maintenance of an information system and its security posture.
Students should have familiarity with navigating RSA Archer, or have completed the RSA Archer Reporting and Navigation course.
Upon successful completion of this course, participants should be able to:
- Explain the components of the Public Sector use case
- Create an Authorization Package
- Allocate and assess appropriate Controls for an Authorization Package
- Submit an Authorization Package for ATO Decision
- Create and Submit a POA&M
- Review, Approve, and Close a POA&M
- Create and Submit a Risk Acceptance Request
- Explain how A&A interacts with CM
- Identify how data collected within CM is used to gain visibility into risk across the organization
Click HERE to register for this training event.
If you have any questions please click HERE.