Digital Forensics And Information Security Site Home
CIS Home
Edmonds Community College Home
Program Overview
forum
Certificates
Degrees
Digital Forensics Certificate
Information Security Degree
Linux Security Specialist
Certificate
Network Security Specialist
Certificate
Digital Forensics & Information
Security Club
FREE Training Sessions
Your Instructors
 

This training has been incorporated into CIS 278. Several students have already received certificates of completion for the IAM training. Mike Andrew instructs this portion of CIS 278 and is IAM certified. This training alone usually costs between $700.00 and $800.00, but there is no additional cost to the student attending CIS 278.

The INFOSEC Assessment Methodology (IAM) is the foundation for NSA's INFOSEC Vulnerability analysis services. INFOSEC Assessments provide a high-level overview of the INFOSEC posture of an organization's operational system. Its initial focus is on identifying the criticality of the information used to support the organization's missions. The policies, procedures, INFOSEC management, information flow, and INFOSEC infrastructure are analyzed as part of the assessment process. Recommendations are then given to eliminate or mitigate identified vulnerabilities.

The IAM consists of a standardized set of activities required to perform an INFOSEC assessment. In other words, the methodology explains the depth and breadth of the assessment activities that must be performed to be compliant within the INFOSEC Assurance Training and Rating Program (IATRP). The IAM "sets the bar" for what needs to be done for an activity to be considered a complete INFOSEC Assessment. The methodology does not teach INFOSEC analysis skills. It merely provides a framework by which INFOSEC analysts can use their skills to perform a repeatable and comparable process. Providers who advertise an INFOSEC Assurance capability and consumers seeking assistance in performing INFOSEC Assessments can use the IAM as their baseline for their discussions.

Because the IAM is a baseline, providers can expand upon it to further meet the needs of the customers. However, it is recommended that any "expansion" should not reduce or interfere with the original intent of any IAM activity.

The IAM is instructed at the beginning of CIS 278 over the course of two weeks or four class meetings. Attendance of all sessions is mandatory for participants to receive a certificate of completion for the IAM.
Copyright © Edmonds Community College Site Home | EdCC Home | Courses | Certificates | Degrees | FREE Training Sessions