
NIST Cybersecurity Professional®
(NCSP®) 800-37 Awareness Certificate
Build Awareness of the NIST Risk Management Framework (RMF)

Course Description
NIST Special Publication 800‑37, Risk Management Framework (RMF) for Information Systems and Organizations, provides a structured, repeatable process for managing cybersecurity and privacy risk across the system lifecycle. It integrates security, privacy, and risk management activities into organisational governance and decision‑making.
The NIST Cybersecurity Professional® (NCSP®) 800‑37 Awareness Certificate is a half‑day, instructor‑led course offering a concise introduction to the purpose, structure, and strategic value of the NIST RMF. Designed for executives, managers, and stakeholders, this course explains how the RMF supports enterprise risk management, system authorisation, and continuous monitoring, without requiring technical or implementation‑level expertise.
Participants gain a high‑level understanding of the RMF steps, key roles, governance requirements, and how RMF aligns with broader NIST guidance and organisational cybersecurity programmes.
What You Will Learn
Participants gain essential awareness‑level knowledge of NIST SP 800‑37. You will learn:
- The purpose, structure, and evolution of the NIST Risk Management Framework.
- How RMF integrates with enterprise risk management and organisational governance.
- The seven RMF steps and their role in managing cybersecurity and privacy risk.
- Key roles and responsibilities within the RMF process.
- How RMF supports system authorisation, continuous monitoring, and resilience.
- How RMF aligns with NIST SP 800‑53, CSF 2.0, and other NIST publications.
Course Agenda
Module 1: Introduction to NIST SP 800‑37 & the Risk Management Framework
Module 2: RMF Structure & the Seven RMF Steps
Module 3: Roles, Responsibilities & Organisational Governance
Module 4: RMF in Practice; Integration, Alignment & Continuous Monitoring
Learning Outcomes
Participants will be able to:
- Describe the purpose and structure of the NIST Risk Management Framework.
- Explain the seven RMF steps at an awareness level.
- Recognise key RMF roles and governance responsibilities.
- Understand how RMF supports system authorisation and continuous monitoring.
- Identify how RMF aligns with other NIST guidance and organisational cybersecurity programmes.
- Communicate the strategic value of RMF to stakeholders and teams.
Who Should Attend?
This course is designed for professionals who need a strategic understanding of risk management and system assurance, including:
- Executives & Senior Leaders
- Business & System Owners
- Governance, Risk & Compliance (GRC) Stakeholders
- Programme & Project Managers
- Security & Privacy Managers
- Anyone seeking an introduction to the NIST RMF
Prerequisites
There are no prerequisites for this Awareness‑level course. No technical background is required.
Participants are provided with:
- NIST Cybersecurity Professional® (NCSP®) 800-37 Awareness Certificate courseware including links to further reading and resources.
- NIST Cybersecurity Professional® (NCSP®) 800-37 Awareness Certificate, Certificate of Completion.
- NIST Cybersecurity Professional® (NCSP®) 800-37 Awareness Certificate digital badge.
Enrol Today
This NIST Cybersecurity Professional® (NCSP®) 800‑37 Awareness course provides students with a high‑level understanding of the NIST Risk Management Framework and its role in managing cybersecurity and privacy risk.

Further Reading
NIST 800-37 Rev 2 - Risk Management Framework for Information Systems and Organizations
https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r2.pdf