This Risk Analyst course provides four days of intense, highly concentrated, non-technical professional training necessary to achieve the fundamental knowledge, skills, and abilities needed to analyze, assess, control, determine, mitigate and manage risks within federal interest computer systems that store, process, display or transmit classified or sensitive (including Personally Identifiable Information (PII)) information. This course provides training in knowledge factors and functional requirements established for Entry Level Risk Analysts and addresses specific Intermediate Risk Analysis tasks. Specific focus is directed on identifying, implementing and integrating management, acquisition and administrative risk methodologies for securing critical information infrastructures and establishing standards necessary to help protect the confidentiality, maintain the integrity and ensure the availability of critical organizational computing resources.
Students should have an advanced understanding, practical knowledge and recent experience in enforcing federal requirements, applying risk methodologies and facilitating acquisition, program management or system accreditation activities. Students should also have extensive system administrator and/or Information Assurance Manager (IAM) experience, and be very familiar with the risk relevant responsibilities associated with system accreditations.
Student Training Manual, Exercise Workbook, Student Course CD, Certificate CNSS 4016-Risk Analyst
Norman Beebe has over 25 years of managing information security within federal interest computer systems and networks that store, process, transmit or display sensitive, classified or national intelligence information. Mr. Beebe's technical certifications include: Certified Information System Security Professional (CISSP), International Information Systems Security Certification Consortium (ISC2); Certified Information Security Manager (CISM), Information Systems Audit and Control Association; National Security Agency (NSA) Information System Security Assessment and Evaluation Methodologies (IAM/IEM); and he is endorsed as a "Fully Qualified" Certification Agent. He has extensive experience in defining and designing risk analysis methodologies within federal information infrastructures and served as an NSA Adjunct Faculty member and as an NSA Accreditation Action Officer (AAOs). Mr. Beebe is a recipient of the prestigious Copernicus Award for excellence and special achievement in Command, Control, Communication, Computer and Intelligence (C4I) and winner of the National Information Assurance Leadership Award for Security Education, Training and Awareness.
Gregory Welch has extensive experience in training, curriculum development, and Information Assurance (IA). Coming from a background of cryptology and signals analysis, he has used this capability to design, develop, and map multiple training courses to the Committee of National Security Systems (CNSS) requirements. He has developed and delivered numerous presentations at seminars and conferences; most recently as a guest presenter at the National Security Institute (NSI) during the Impact 2008 conference. He has provided Certification and Accreditation (C&A) efforts and training to DoD and Federal agencies including: FBI, NSA, DHS, Coast Guard, NGA, DOI, DOJ, and all branches of the armed forces. Mr. Welch is a Certified Information System Security Professional (CISSP), and a "Fully Qualified Certification Agent". He is certified in National Security Agency (NSA) Information System Security Assessment and Evaluation Methodologies (IAM/IEM) and has received the "Advanced Signals Analyst" designation.
Jeff Moulton In September 2008, Mr. Moulton joined Georgia Tech Research Institute (GTRI) as Lead, Information Operations. GTRI is a leading university-affiliated applied research and development center. In this key area, Mr. Moulton provides strategic direction and leadership and is responsible for focusing research, business development, building technical teams, and coordinating information operations across the university and institute. Mr. Moulton has in-depth experience within the intelligence communities assessing and defining corporate-level and globally deployable network security solutions. His technical certifications include: Certified Information Systems Security Professional (CISSP), International Information Systems Security Certification Consortium (ISC2), Project Management Professional (PMP), Project Management Institute, National Security Agency (NSA) Information Assurance Manager (IAM), National Security Agency (NSA) INFOSEC Evaluation Methodology (IEM), Open Source Professional Security Analyst (OPSA), and Malware Forensics Investigator (MFI), Wetstone. Before joining GTRI, Mr. Moulton served as the Information Assurance Assistant Program Manager at the Naval Surface Warfare Center. In this role he established an Information Assurance (IA) Division for the Deployable Joint Command and Control (DJC2) Joint Program Office. He provided leadership and direction for all information assurance facets of the $566M Joint Program of Record and managed the many facets of a major DoD acquisition program. He recruited and built the first joint integrated IA team across government and military service branches, with members from DIA, NSA, SPAWAR, NETWARCOM, OSD NII, JITC, USJFCOM, USPACOM, USEUCOM, USSOUTHCOM, and other Department of Defense (DoD) IA stakeholders. Mr. Moulton authored the DJC2 IA Strategy, Technology Readiness Assessments, Analysis of Alternatives, and other DoD acquisition documents required by public law. Mr. Moulton continues to represent the DJC2 Joint Program Office as the IA subject matter expert with DoD intelligence agencies (NSA, CIA, and DIA). In addition, Mr. Moulton serves on the Department of the Navy Network Warfare Command (NETWARCOM) IA Working Group.