Become a CSF 2.0 Lead Implementer

NIST's Cybersecurity Framework 2.0 provides a policy framework of computer security guidance for how organizations in the United States and around the world can assess and improve their ability to prevent, detect, and respond to cyber attacks. The framework has been translated to many languages, and is used by the governments of Japan and Israel, among others. Want to establish yourself as an expert in developing, implementing, and managing a robust cybersecurity program? The Certified NIST CSF LI 2.0 certification is the perfect way to do it! This certification will certify your ability to implement formal structure, governance, and policy of a robust cybersecurity framework following internationally recognized and respected NIST best practices and standards.

Get trained and certified as an expert in developing, implementing, and managing a robust cybersecurity program according to internationally adopted CSF 2.0 governance and management best practices. Stand out in the competitive cybersecurity landscape and take your career to the next level with this prestigious certification.

This 3-day Cybersecurity Framework 2.0 workshop provides thorough coverage of the CSF, as well as setting out advice on the implementation of cybersecurity initiative. The purpose of the course is to:

• Learn how to establish, manage, and document CSF 2.0 conformance.
• Provide thorough coverage of the requirements of NIST's Cybersecurity Framework 2.0;
• Give practical guidance on designing a suitable framework for the organization, and how to leverage ISO 27110 to integrate CSF recommendations into a comprehensive ISO 27001 ISMS;
• Give practical advice on implementing cybersecurity management;
• Prepare you for your certification exam required for professional credentialing.

Register for a class (in-person or virtual) and get started today!

Class details

• Duration: 3 days, 8:30 - 4:30
• CPE Credit: 24
• Materials included with live instructor-led training:
  • Class manual (complete hard copy of class presentation)
  • Excel template: Cybersecurity Framework 2.0 Roles and Responsibilities RACI Matrix & CSF 2.0 Profile Template Tool (USD $500 value)
    
  • 14 days of unlimited access to online practice exams for exam #CSF101
  • 1 attempt for the online certification exam #CSF101
  • Current-year membership in the CIS Body of Certified Professionals
•  
• Professional Certification: This course fulfills all prerequisite training requirements for certification exam #CSF101 for professional certification as Certified NIST CSF 2.0 Lead Implementer.
• Certificate included with class: Upon course completion, we will provide you with an achievement certificate for 24 continuing professional education (CPE) credits that can be used to fulfill requirements for maintaining a variety of professional credentials for fraud examination, accounting, auditing, and information security.
• Recommended prerequisite training: None
• Hotel and/or Travel: Not included

 * Access to a soft copy of the NIST CSF is provided in class. However, ISO Standards are NOT included in this risk management training, nor provided in class. ISO standards are available for purchase at www.iso.org.

Recommended Attendance by Position

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) recommends involving a cross-functional team representing business, operations, security, information technology, and maintenance areas, including those responsible for:

• Organizational Leadership (e.g., Director, Chief Operations Officer, Chief Technology Officer, Chief Security Officer)
• Chief Privacy Officer
• Data Protection Officer
• Risk Management (e.g., Enterprise/Operations Risk Manager)
• Chief Audit Executive/Director of Internal Audit
• Chief Compliance Officer & Compliance Managers
• IT Policy and Governance (e.g., Chief Information Security Officer)
• Business Operations (e.g., Operations Manager)
• IT Security Planning and Management (e.g., Director of Information Technology)
• Business Continuity and Disaster Recovery Planning (e.g., BC/DR Manager)
• IT Infrastructure (e.g., Network/System Administrator)
• IT Operations (e.g., Configuration/Change Managers)
• Procurement and Vendor Management (e.g., Contracts and Legal Support Managers)

NIST CSF 2.0 Lead Implementer training content outline:

• 6 Framework 2.0 Core Functions
  1. Govern
  2. Identify
  3. Protect
  4. Detect
  5. Respond
  6. Recover
• Cybersecurity Risk communication and Integration
• Framework Profiles
• Framework Tiers (Cyber Security Risk Management)
• Converging the CSF Framework into an ISO 27001 Information Security Management System
• Using the CSF for security audits, compliance, and communication
• Provides up-to-date coverage of CSF 2.0

This program is required for the following professional certification:

Certified NIST CSF 2.0 Lead Implementer

Preparing for Certified Information Security's professional certification exam

#CSF101 is serious business. This is where we can help. If you first successfully complete:

• All prerequisite course training; and
• All CSF101 online practice exams

Certified Information Security guarantees your success in passing CIS exam #CSF101.

If you do not pass exam #CSF101 on your first attempt after completion of your required course and practice exams, Certified Information Security will allow you to re-test at no additional charge until you successfully pass your certification exam.

Get trained as an expert in assessing and auditing cybersecurity according to the NIST Cybersecurity Framework 2.0

Assessing the organization’s cybersecurity program against the key capabilities and objectives is the cornerstone of cybersecurity improvement and optimization. Internal and external stakeholders have a vested interest in managing cyber risk, and measuring the organization’s cybersecurity processes, procedures, and controls against desired cybersecurity objectives provides the basis for identifying critical risk exposures and opportunities for improvement. CSF 2.0 now provides 106 desired cybersecurity outcomes/objectives along with 363 implementation recommendations. In two short days, our certified CSF 2.0 expert will lead you and your team through a hands-on assessment of these very implementation tasks. The Certified NIST CSF 2.0 LA certification validates your ability to audit and assess the formal structure, governance, and policy of a robust cybersecurity framework following internationally recognized and respected NIST best practices and standards. 

NIST CSF 2.0 Core desired outcomes can also be assessed for maturity of execution

Trying to assess a cybersecurity objective or desired outcome as simply “Incomplete”, “Partially Complete”, or “Complete” does not fully capture how mature the recommended tasks are implemented. Were a given cybersecurity objective and its corresponding implementation tasks well-planned? Were the tasks driven by documented policy? Were the implementation policy and procedures standardized throughout the organization, or do they differ from one department to another? Are metrics used and monitored to identify opportunities for improvement? These are some of the questions we should also consider as we assess every desired outcome and control objective’s level of maturity of execution. Determining Maturity Indicator Levels (MIL) is a critical part of a cybersecurity review, and your instructor will provide the seasoned guidance you and your fellow assessors/auditors need to perform the assessment properly.

Is this CSF 2.0 Lead Auditor training only for auditors? How does it help people who implement and manage cybersecurity? What about people who participate in governing or practicing cybersecurity, but are not part of the specialty cybersecurity team?

This CSF 2.0 Lead Auditor training is NOT just for cybersecurity specialists and auditors! While the foundation level CSF 2.0 Lead Implementer training and certification makes you aware of the 363 tasks NIST recommends for CSF 2.0 implementation, this NIST CSF 2.0 Auditor training takes a deep dive into performing each of these 363 implementation tasks. Accordingly, this program is invaluable to anyone playing a role in governing, managing, or practicing cybersecurity. NIST CSF 2.0 governing, planning, implementation, operational practice, and improvement requires baseline assessments (audits) to determine gaps targeted for improvement. This means CSF 2.0 governors, planners, and implementers perform gap-assessments and audits as part of their normal everyday CSF 2.0 roles and responsibilities.

The purpose of the 2-day course is to:

• Provide thorough coverage of NIST CSF 2.0's 106 Core desired outcomes and 363 recommended tasks;
• Understand how to measure and monitor an organization's cybersecurity risk management maturity tiers;
• Prepare you for your NIST CSF certification exam required for Certified NIST CSF 2.0 Lead Auditor professional credentialing.

Upon completion of this training and certificate program, participants will:

• Be equipped with knowledge and skills required to audit cybersecurity framework policy and program in line with the NIST CSF 2.0 and related standards of best practice; and
• Expand your cybersecurity competency.

Register for a class (in-person or virtual) and get started today!

Class details

• Duration: 2 days, 8:30 - 4:30
• CPE Credit: 16
• Professional Certification: This course fulfills all prerequisite training requirements for certification exam #CSF102 for professional certification as Certified NIST CSF 2.0 Lead Auditor.
  • Prerequisite requirement for the NIST CSF 2.0 Lead Auditor credential: The NIST CSF 2.0 Lead Auditor certification is a stacking credential that requires current CIS Certified NIST CSF 2.0 Lead Implementer certification as a prerequisite for Lead Auditor certification eligibility. Getting trained and certified in NIST CSF 2.0 subject matter expertise is highly recommended to make the most of learning how to fully assess and audit NIST CSF 2.0 conformance. Scheduling for the comprehensive 5-day CSF 2.0 Lead Implementer and Lead Auditor training and certification track is available here.
• Materials included with live instructor-led training:
  • Class manual (complete hard copy of class presentation)
  • Excel template: CSF 2.0 Roles and Responsibilities RACI Matrix & CSF 2.0 Profile Template Tool (USD $500 value)
    
  • 14 days of unlimited access to online practice exams for exam #CSF102
  • 1 attempt for the online certification exam #CSF102
•  
• Certificate of Achievement included with class: Upon course completion, we will provide you with an online digital achievement certificate for 16 continuing professional education (CPE) credits that can be used to fulfill requirements for maintaining a variety of professional credentials for fraud examination, accounting, auditing, and information security.
• Recommended prerequisite training: None
• Catering:
  
  • Morning refreshments and snack for live in-person participants
  • Lunch
  • Afternoon refreshments
• Hotel and/or Travel: Not included

* Access to a soft copy of the NIST CSF 2.0 is provided in class.

Recommended Attendance by Position

The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) recommends involving a cross-functional team representing business, operations, security, information technology, and maintenance areas, including those responsible for:

• Organizational Leadership (e.g., Director, Chief Operations Officer, Chief Technology Officer, Chief Security Officer)
• Chief Privacy Officer
• Data Protection Officer
• Risk Management (e.g., Enterprise/Operations Risk Manager)
• Chief Audit Executive/Director of Internal Audit
• Chief Compliance Officer & Compliance Managers
• IT Policy and Governance (e.g., Chief Information Security Officer)
• Business Operations (e.g., Operations Manager)
• IT Security Planning and Management (e.g., Director of Information Technology)
• Business Continuity and Disaster Recovery Planning (e.g., BC/DR Manager)
• IT Infrastructure (e.g., Network/System Administrator)
• IT Operations (e.g., Configuration/Change Managers)
• Procurement and Vendor Management (e.g., Contracts and Legal Support Managers)

Get trained and certified in auditing and assessing the NIST Cybersecurity Framework 2.0

1. Assessing Framework Core Function subcategory desired outcomes and recommended implementation examples for CSF's six Core Functions:
   1. Govern
   2. Identify
   3. Protect
   4. Detect
   5. Respond
   6. Recover
2. Assessing CSF 2.0 roles and responsibility assignment.
3. Assessing CSF 2.0 Framework Tiers (Cybersecurity Risk Management) maturity
4. Assessing Risk Communication and Integration maturity

This program is required for the following professional certification:

Certified NIST CSF 2.0 Lead Auditor

Please note that, while there are no prerequisites to attend the training, please note that the NIST CSF 2.0 Lead Auditor certification is a stacking credential that requires current CIS Certified NIST CSF 2.0 Lead Implementer certification as a prerequisite for Lead Auditor certification eligibility. The Lead Auditor program extends CSF 2.0 Lead Implementer knowledge with an advanced understanding of how to assess and audit the 106 goals and objectives of NIST CSF 2.0 and its 363 corresponding recommended implementation tasks. If you have not already attended NIST CSF 2.0 Lead Implementer training, it is highly recommended that you do so prior to attending this session.

Preparing for Certified Information Security's professional certification exam

#CSF102 is serious business. This is where we can help. If you first successfully complete:

• All prerequisite course training; and
• All CSF102 online practice exams

Certified Information Security guarantees your success in passing CIS exam #CSF102.

If you do not pass exam #CSF102 on your first attempt after completion of your required course and practice exams, Certified Information Security will allow you to re-test at no additional charge until you successfully pass your certification exam.