The ICD 503 Systems Security Practitioners Course (SSPC) provides Information Assurance (IA) and Information System Security Managers (ISSMs), Information Systems Security Engineers (ISSEs), and Information Systems Security Officers (ISSOs) with skills to accomplish or oversee the implementation of Intelligence Community Directive (ICD) 503, and Intelligence Community Information Technology Systems Security Risk Management, Certification and Accreditation. Students gain insights into the Federal Government’s Certification & Accreditation transformation by examining the concepts of commonality, reuse and risk management from an enterprise perspective. Students learn the Risk Management Framework (RMF) and gain a comprehension of the key RMF roles and responsibilities.
Instruction also includes categorizing information and information systems; security control families; common, hybrid, and system-specific security controls; tailoring and the identification of control enhancements; considerations for implementing security controls in the System Development Life- Cycle (SDLC); resources and references to assess and test security controls; the Body of Evidence to achieve authorization (accreditation); and considerations for continuous monitoring. The course provides a detailed walk-through of National Institute of Standards and Technology (NIST) Special Publication (SP) 800-37 and NIST SP 800-53; and the Committee for National Security Systems (CNSS) Instruction 1253. Because most security professionals still encounter Director of Central Intelligence (DCID) 6/3 in the workplace as organizations gradually transition to ICD 503, this course provides a high-level overview of the DCID and highlights the most distinct differences between it and ICD 503.
IT security personnel who are responsible for system certification and accreditation.
Why Take the Course
Gain a thorough understanding of the new national policy relative to systems certification and accreditation.
Explore new concepts and approaches to using newly established and existing policy from across various components of the US government.