Certified Cloud Risk Management Professional

Continuing in the virtual practicum/internship this class focuses on the integrated enterprise/cloud system where students develop the capability to: 1) evaluate system security, 2) analyze system assessment reports to make recommendations for a Plan of Action & Milestones, 3) comply with all Authorization to Operate package requirements, and 4) strategically develop ISCM (Information Security Continuous Monitoring). 

At the completion of this course, successful students will be able to receive the CCRMP Certification, and will be expected to be able to: 

1. Analyze and develop a plan to assess security controls  

2. Analyze and develop a Security Assessment Plan (SAP) for assessing required security controls 

3. Complete a Security Controls Assessment (SCA) as part of NIST RMF Step 4  

4. Complete a Security Assessment report (SAR) based on the SCA 

5. Identify remediation options as part of the development of a Plan of Action and Milestones (POA&M) 

6. Develop Authorization to Operate (ATO) package  

7. Review the ATO package to make determination and authorization of the information system from the point-of-view of the Authorizing Official (AO) as part of NIST RMF Step 5 

8. Determine the impact of system changes and apply the Information Security Continuous Monitoring (ISCM) strategy as part of NIST Step 6 

9. Conduct the decommission of a system as part of NIST Step 6 

10. Apply secondary research to cybersecurity challenges 

11. Collect, interpret and analyze existing research and/or resources, and use in risk management processes 

Provided through Virgina’s FastForward, FANTIC and G3 programs that provide full financial aid for qualified Virginia residents.