Price: $950.00

You are not yet enrolled in this course.

Date: TBD
Location: TBD
Sessions: 8 hours or 1 Day.
Class time: 8:30 AM-5:30 PM
Instructional Method: Classroom Only

Course Description:

This ACQUIROS accredited training course prepares the student to take the NIST Foundation examination.  The course discusses how an organization can use the NIST Cyber Security Framework (NCSF) as a key part of its systematic process for identifying, assessing, and managing cybersecurity risk throughout an organization. This includes both business risk and technology risk. The Framework is not designed to replace existing processes; an organization can use its current process and overlay it onto the Framework to determine gaps in its current cybersecurity risk approach and develop a roadmap to improvement.

The Framework is composed of three parts: the Framework Core, the Framework Implementation Tiers and the Framework Profiles. By utilizing the Framework as a cybersecurity risk management tool, an organization can determine activities that are most important to critical service delivery and prioritize expenditures to maximize the impact of the investment.

In addition this course will introduce the cyber security Controls FactoryTM Model (CFM) developed by Larry Wilson, CISO, UMass President’s Office. The CFM provides an organization with the approach to operationalize the NIST Cyber Security Framework based on the modular engineering-based approach. CFM has three main areas of focus: the Engineering Center, the Technology Center and the Business Center.

Please note – All NCSF-CFM candidates that are successful in passing the certification exam will receive a verified digital badge that they can post to their LinkedIn profiles.

Certification Exam:

The certification exam would be scheduled for another day by the student. Students are either given a voucher for the exam, given instructions on how to purchase it themselves or it is included at the time the course is purchased. If it is the later then Extellent will pay for the course and the student will schedule the exam based on their readiness and availability. ACQUIROS will proctor the exam.

Learning Outcomes

At the end of this course the learner will be able to:

  • Demonstrate understanding of today’s Digital Economy, Cyber Risks, NIST Cybersecurity Framework Fundamentals and Core Functions, Categories & Subcategories.
  • Recognize Implementation Tiers
  • Develop Framework Profiles
  • Summarize Cybersecurity Improvement*
  • Explain the Cybersecurity Controls Factory™ Model


CognitiveScholar Admissions Requirements
Project team experience or Technical or Business training

NIST Cyber Security Framework (CSF):

The NIST CSF also provides a 7-step approach for the implementation and improvement of their cybersecurity posture utilizing the NIST CSF. The 7-steps include:

  • Prioritize and Scope – The organization identifies its business/mission objectives and high-level organizational priorities.
  • Orient – The organization identifies related systems and assets, regulatory requirements, and overall risk approach and then identifies threats to, and vulnerabilities of, those systems and assets.
  • Create a Current Profile – The organization develops a Current Profile by indicating which Category and Subcategory outcomes from the Framework Core are currently being achieved.
  • Conduct a Risk Assessment – The organization analyses the operational environment in order to discern the likelihood of a cybersecurity event and the impact that the event could have on the organization.
  • Create a Target Profile – The organization creates a Target Profile that focuses on the assessment of the Framework Categories and Subcategories describing the organization’s desired cybersecurity outcomes.
  • Determine, Analyze, and Prioritize Gaps – The organization compares the Current Profile and the Target Profile to determine gaps. Next it creates a prioritized action plan to address those gaps.
  • Implement Action Plan – The organization determines which actions to take in regards to the gaps, if any, identified in the previous step.