UPDAT: 2014 – Risk Management Framework for DOD IT released.
I’ve been scheduled to go to DIACAP Essentials + IA Control Validation training. It is the same training that is given to validators at AFCA, so I guess it is pretty serious stuff. I was very reluctant to go until I realized that I actually really need the CPE’s to maintain my CISSP.
Since I’ve been doing the DIACAP stuff for about 2 years now, I’m not certain there is any new information for me to learn.
The Department of Defense Information Assurance Certification and
Accreditation Process (DIACAP) Essentials course blends lecture and hands-on
exercises to introduce students to DIACAP policy (to include FISMA
requirements of a comprehensive, repeatable, and auditable Information
IA Control Validation In-Depth – 3 Days
The IA Control Validation In-Depth course takes the students DIACAP
education and turns the view from an implementor to a Validator perspective
and involves the students in the validation process for the IA Controls
What I am hoping to get from the course is a better handle on the FISMA process.
I don’t feel like I really have a handle on what is supposed to happen with it.