Gretchen Ann Morris, CISSP DB Consulting Group NASA IT Security - - PowerPoint PPT Presentation

gretchen ann morris cissp
SMART_READER_LITE
LIVE PREVIEW

Gretchen Ann Morris, CISSP DB Consulting Group NASA IT Security - - PowerPoint PPT Presentation

Mar 03, 2023 184 likes •319 views

Gretchen Ann Morris, CISSP DB Consulting Group NASA IT Security Awareness and Training Center Objectives for this session Review our role-based course development process Learn how to personalize our role-based courses for your agency

slide-1
SLIDE 1

Gretchen Ann Morris, CISSP

DB Consulting Group NASA IT Security Awareness and Training Center

slide-2
SLIDE 2

Objectives for this session

 Review our role-based course development

process

 Learn how to personalize our role-based courses

for your agency

 Learn how to request our role-based courses, get

help, and give feedback

slide-3
SLIDE 3

Key Stops Along the Path

 Roles with Significant Security Responsibilities  NIST SP 800-16

 The Training Matrix and Roles  The building blocks (cells)  Extracting a lesson outline

 Writing Lessons  Building the Courses

slide-4
SLIDE 4

Significant Security Responsibilities

 Pick Roles

 All?  Top 5 with most risk?  Those listed in Agency Policy?

 Prioritize order of course development  Plan (Look at the training matrix prior to

completing this step.)

slide-5
SLIDE 5

NIST SP 800-16 Training Matrix

Manage Acquire Design & Develop Implement & Operate Review & Evaluate Laws & Regs Sec Program Planning Sec Program Managing SDLC - Initiation XXXXXXXX SDLC - Development SDLC - Implementation SDLC - Operations SDLC - Disposal XXXXXX XXXXXXX

slide-6
SLIDE 6

Cells

 Behavioral outcome  Sample learning objective  Topics

slide-7
SLIDE 7

Lesson Outlines

 Introduction  Supporting objectives  Interactive exercises  Conclusion

slide-8
SLIDE 8

Writing Lessons

 Base lessons on Agency Policy  Base lessons on sSupporting NIST SPs and

Federal laws

 Keep all roles in mind when developing material  Validate information with Subject Matter Experts

slide-9
SLIDE 9

Building Course(s)

 Create a course introduction and conclusion  Write one lesson (cell) at a time  Create special lessons (as needed) to include

information that is not covered by the lessons created from the cells within the matrix

slide-10
SLIDE 10

Personalizing Existing Content

 NASA beginning SA course  The alternate beginning SA course

slide-11
SLIDE 11

Requests

 From you (for course materials)

 Sign up list here and at our table in the FBC area  Email requests with Name, Agency supporting, and

mailing address to itsatc@lists.nasa.gov

 From us

 Please give us credit  Please give us feedback

slide-12
SLIDE 12

Questions?

 The NASA IT Security Awareness and Training

Center team…

 Richard Kurak, NASA Program Manager  Michelle Beagle, SGT, Administrative Specialist  Diane Blocksom, DB Consulting, Technical Writer  Gretchen Morris, DB Consulting, Technical Writer  Ruth Petersen, DB Consulting, Technical Writer

 itsatc@lists.nasa.gov

 Contact information is available in the

conference attendance list.