Full Day Tutorial: Thursday, June 17^th, 8:30 - 5:00 held at SAIC in the Research Park

The importance of the Risk Management Process in Information Security Systems Engineering (ISSE)

This discussion will be centered on the importance of the Information Security Systems Engineering (ISSE) Risk Management process and will be oriented to information assurance (IA) methodologies utilized by NIST and Department of Defense contracts. Understanding the ISSE risk process is invaluable to Program Managers, Systems Engineers, System Architects, and Information Assurance professionals at all levels.
The ISSE risk process can include one or all of the accepted risk methodologies. These methodologies include PMBOK 4th Edition, Oregon's Process Center of Excellence, DoD 8500.2, NIST 800-53; NIST 800-39, McCumber Cube, and DIACAP are some of the methods covered.

This course provides a conceptual background in risk analysis and hands-on training in the use of Risk Management Plans & Individual Risk Summary Worksheets and how they fit into Information Assurance Planning. After completion of the course, students will know how to utilize the Risk Management Plan, perform qualitative analysis Identifying threats - Qualitative, and quantitative analysis using probability calculations for security based on the DoD STIGS. How to utilize SWOT -Strengths, Weaknesses, Opportunities, and Threats process and the 5 Steps of a Risk Analysis to determine whether to Reduce, Transfer, Avoid, or Accept the Risk.
In addition you will learn how information assurance and risk management fits into the ISSE process as a component to Full Site Security and the top 3 security project risks and mitigation strategies. What are the risks? What is the likelihood / probability? What is the Impact? How do you detect it?
(L * I) * D = RPN


To Register for the Tutorial

Registration must be completed by COB 12 June 2010:


Non-INCOSE Member Registration Fee = $125 per person
For Non-INCOSE Members

INCOSE Members Registration Fee = $75
For INCOSE Members

All INCOSE Members who register and do not attend, will be invoiced additional $50 for holding a seat.

Student Registration Fee = $75
For Students

Course materials, parking, refreshments and lunch are included with your registration.
Registration limited to 50 seats.

Location:
Directions to SAIC in Research Park

About the Instructor:
Frederick B. Beltzer is a Lockheed Martin (LM) Qualified Systems Engineer (QSE) working as an Information Security Systems Engineer (ISSE) for LM STS. Fred is currently working on multiple programs supporting the DoD DON, USMC, USAF, and U.S. Army programs. Fred is responsible for developing the ISSE processes, procedures, tools, and technologies to support programs where he is responsible for the architecture, design, development, evaluation and integration of systems, subsystems, and networks to maintain overall security IAW the appropriate MAC level, Classification level, and level of Robustness. Fred supervises and prepares the Certification and Accreditation documentation, using multiple standards/ tools such as DIACAP, NIACAP, DCID 6/3, Common Criteria, and NIST 800-37, to achieve accreditation of supported systems while supporting contractor site security IAW DSS NISPOM Ch8. Recently, he was the ISSE for AT&T on OneTESS and Senior Computer Systems Engineer/Information Assurance Analyst for the Army's ATIA AIS, where he completed the DITSCAP C&A. Also, he served as the Senior Information Assurance SE for DISA's Coalition Secure Management & Operations System (COSMOS). Fred has written several papers, which include "A Systems Engineering Approach to Information Assurance - Volume 1" and "A Systems Engineering Approach to Information Assurance - Volume 2". Key to Fred's ISSE approach is his educational background which includes graduating with Honors from George Washington University, Masters Degree, Systems Engineering, (G.P.A. 3.63) where he also received a Certificate, Systems Engineering from George Washington University (GWU) and is a LM Qualified Systems Engineer. Fred has a Certificate, from the National Security Agency (NSA) - NSTISSI 4011 - National Training Standard for Information Systems Security Professionals (ISSP), June 2006. Fred also received a Bachelors of Science, Computer Networking from Strayer University, and graduated Suma Cum Laude (G.P.A. 3.92), where he is listed in the "Who's Who of Academia" for the graduating year of 2000, and Honors Student for Alpha Sigma Lambda National Honor Society.

CLICK HERE TO DOWNLOAD MANUAL REGISTRATION FORM