NIST Cybersecurity Professional®
(NCSP®) 800‑39 Awareness Certificate
Build Awareness of NIST SP 800‑39: Managing Information Security Risk
NIST Cybersecurity Professional®
(NCSP®) 800‑39 Awareness Certificate
Course Description
NIST Special Publication 800‑39 (SP 800-39) establishes the federal model for enterprise‑wide cybersecurity risk governance. It defines the risk management hierarchy, organisation, mission/business process, and information systems, and explains how risk decisions must be coordinated across all levels. The publication provides the conceptual foundation for risk framing, assessment, response, and monitoring.
The NIST Cybersecurity Professional® (NCSP®) 800-39 Awareness Certificate introduces executives, managers, and governance stakeholders to the principles of risk governance. It explains how organisations establish risk tolerance, assign accountability, and integrate risk management into strategic and operational decision‑making.
Participants gain a high‑level understanding of how SP 800‑39 supports NIST CSF 2.0, the Risk Management Framework (RMF), and enterprise risk management practices.
What You Will Learn
Participants gain essential awareness‑level knowledge of NIST SP 800‑39. You will learn:
-
The purpose and structure of NIST SP 800‑39
-
The risk management hierarchy (Tier 1–3)
-
Risk framing, assessment, response, and monitoring
-
Governance responsibilities and decision authorities
-
How SP 800‑39 aligns with CSF 2.0 Govern and Identify functions
Course Agenda
Module 1: Introduction to NIST SP 800‑39 & Risk Governance
Module 2: The Risk Management Hierarchy
Module 3: Risk Assessment, Response & Monitoring
Module 4: Governance, Accountability & CSF Alignment
Learning Outcomes
Participants will be able to:
-
Describe the purpose and structure of SP 800‑39
-
Explain the risk management hierarchy
-
Recognise governance responsibilities
-
Understand risk framing and monitoring
-
Communicate risk governance concepts
Who Should Attend?
This course is designed for professionals who need a foundational understanding of information security, including:
-
Executives & Senior Leaders
-
Governance, Risk & Compliance (GRC) Stakeholders
-
System Owners
-
Programme & Project Managers
-
Non‑technical Managers supporting cybersecurity initiatives
-
Anyone seeking an introduction to information security principles
Prerequisites
There are no prerequisites for this Awareness‑level course. No technical background is required.
Participants Are Provided With:
-
NIST Cybersecurity Professional® (NCSP®) 800‑39 Awareness courseware, including links to further reading and resources.
-
NIST Cybersecurity Professional® (NCSP®) 800‑39 Awareness Certificate of Completion.
-
NIST Cybersecurity Professional® (NCSP®) 800‑39 Awareness digital badge.
Enrol Today
This NCSP 800‑39 Awareness course provides students with a provides foundational knowledge of enterprise cybersecurity risk governance.
Further Reading
NIST SP 800-39 - Managing Information Security Risk: Organization, Mission, and Information System View