RSA Archer Training. Governance, Risk and Compliance. Managing enterprise-wide governance, risk and compliance through training and education

Transcription

1 RSA Archer Training Governance, Risk and Compliance Managing enterprise-wide governance, risk and compliance through training and education 1

2 RSA Archer Training Table of Contents RSA Archer Administration... 1 RSA Archer Advanced Administration... 3 Getting Started with Enterprise Risk Management... 5 Getting Started with Policy and Compliance Management... 7 RSA Security Operations Management Solution Basics... 9 RSA Vulnerability Risk Management Basics RSA Archer Custom End-User Training Service... 13

3 RSA Archer Administration Course Description AT-A-GLANCE This course provides an overview to the concepts, processes, and procedures necessary to successfully design and administer the RSA Archer platform. Overview Students will gain knowledge of the key RSA Archer platform components such as applications, security management, and communication tools through presentations and hands-on exercises. After taking this course, students will be able to plan, configure, and manage the RSA Archer environment. The subject matter in this course prepares students with the classroom component recommended for the RSA Archer Certified Administrator certification. Audience Archer administrators who are responsible for building and managing the RSA Archer egrc product. Duration 4 days REGISTER FOR CLASSES: For an up-to-date schedule of Instructor-led classes and other training options, visit the RSA Training and Certification web site: CONTACT US: [email protected] Phone: Int l: Fax: Middlesex Turnpike Bedford, Massachusetts COURSE PART NUMBERS: ED ARCADMIN210 Onsite class Prerequisite Knowledge/Skills A general understanding of business processes and computer-based business applications. Course Objectives Upon successful completion of this course, participants should be able to: Describe the components of the RSA Archer Enterprise Management Solution Navigate within the RSA Archer system Configure the look and feel of the RSA Archer Platform interface Centralize and organize data Import data Alert users to data changes Optimize the user experience Manage user access Automate work streams Complete a questionnaire Describe integration options Search and report on data Communicate information to key stakeholders Migrate changes between environments ED ARC TRAIN UNIT Training Units 1 Page 1

4 Course Outline Introduction to RSA Archer RSA Archer egrc Suite Solution components Introduction to the case study General Navigation Interface components Managing content records Configure the Appearance Managing Themes Managing the Appearance Centralize and Organize Data Data structure Application Builder overview Inside Manage Applications General Application Properties Field Management Page Layout Navigation Menu Import Data Using the Data Import Manager Alert Users to Data Changes Creating Letterheads Managing Subscription Notifications Troubleshooting Tips Optimize the User Experience Data-Driven Events Calculated Fields Troubleshooting Tips Manage User Access Access Control Basics User Accounts Access Roles Groups Record Permissions Private Fields Troubleshooting Tips Automate Work Streams Configure a two-stage workflow Task Management Enabling Task Management Questionnaires Question Library Overview Questionnaire Creation Process Completing a Questionnaire Integration Options Data Feed Manager API Resources Search and Report on Data Quick Search Advanced Search Statistics Search and Chart Options Reporting Communicate Information to Stakeholders iviews Dashboards Workspaces Additional Configuration Options Packaging for Production Creating Packages Installing Packages Advanced Package Mapper Design Best Practices Field Design Tips Application Layout Tips Data-Driven Event Tips Vendor Management Case Study Hands-on exercise in which participants are challenged to build a best-in-class vendor data application with minimal assistance Course Summary Customer Support Options Certification Exam Information Copyright 2015 EMC Corporation. All rights reserved. 02/18/15 EMC 2, EMC, RSA, RSA Security, Archer and the RSA logo are registered trademarks of EMC Corporation in the United States and/or other countries Page 2

5 RSA Archer Advanced Administration Course Description AT-A-GLANCE This course provides handson training on the administration, configuration and bestpractice deployment of the RSA Archer Platform. Overview Throughout the course, students will be presented with a diverse collection of realworld governance, risk, and compliance problems and be shown and guided through the recommended steps involved in solving these pain points by using the features available in the RSA Archer egrc Suite. Extensive hands-on labs reinforce the tasks involved in designing and automating GRC processes and extending the value of the RSA Archer egrc Suite throughout the organization. After completing this class, students will be prepared to use the RSA Archer egrc Suite to solve an extensive array of GRC problems and meet the business requirements of various enterprise stakeholders. Audience Governance, risk, and/or compliance professionals, business owners, or IT personnel who need to automate and streamline existing processes, integrate the RSA Archer platform with third-party systems, or deliver assessments across the enterprise. REGISTER FOR CLASSES: For an up-to-date schedule of Instructor-led classes and other training options, visit the RSA Training and Certification web site: CONTACT US: [email protected] Phone: Int l: Fax: Middlesex Turnpike Bedford, Massachusetts COURSE PART NUMBERS: ED ARCADVADM210 Onsite class ED ARC TRAIN UNIT Training Units Duration 4 days Prerequisite Knowledge/Skills Previous experience creating applications within the RSA Archer product or successful participation in the standard RSA Archer Administration course. Course Objectives Upon successful completion of this course, participants should be able to: Create a custom, multi-stage workflow process that automates a manual process Import existing information from a legacy system into RSA Archer applications and questionnaires Integrate the RSA Archer product with third-party systems and data sources to consolidate enterprise information Design best-practice assessment campaigns to measure compliance across the organization Construct complex search criteria to locate key information and identify data trends Visually showcase compliance with industry regulations through reports and dashboards Alert organization stakeholders through scheduled report distributions Export RSA Archer data into pre-formatted, professional-looking report templates 3 Page 3

6 Course Outline Streamlining GRC Processes Day One Replicating a multi-stage workflow to transfer a manual, paper-based process to an automated, online tool Constructing a scalable access control framework for enabling end users to participate in GRC processes Automating and manipulating data through calculations to support enhanced data analytics and reduce data entry time Integrating External Data Day Two Transferring leveled, document-centric policies into a data-centric format in the RSA Archer Platform Using a data feed targeting database sources to quickly transfer legacy data to a centralized system Creating a data feed to access an RSS source and retrieve the information into an RSA Archer application Transferring data between RSA Archer applications to support data trending and reduce manual effort Demonstrating Compliance Day Three Importing compliance questions into RSA Archer s global question library Creating an assessment campaign to demonstrate compliance with internal and external regulations Managing question scoring and findings generation to better understand the risk impact to the organization Referencing existing assessment responses in future assessments Communicating GRC Data Day Four, Part I Generating real-time reports across distant data relationships to provide greater insights into GRC processes Designing a user-friendly dashboard and interface to clearly communicate the posture of various business units Delivering snapshot reports on a set schedule to inform key stakeholders of the current status Exporting RSA Archer data to and Word templates to generate professional-looking, document-based reports for senior management Publishing RSA Archer data to external databases Maintaining the System Day Four, Part II Discussing resources for the most current installation and sizing recommendations Configuring instance settings via the Archer Control Panel Accessing and reading log files Troubleshooting common RSA Archer issues to ensure effective system operations Copyright 2015 EMC Corporation. All rights reserved. 02/18/15 EMC 2, EMC, RSA, RSA Security, Archer and the RSA logo are registered trademarks of EMC Corporation in the United States and/or other countries Page 4

7 Getting Started with Enterprise Risk Management Course Description AT-A-GLANCE This course provides an overview of the concepts, processes, and procedures necessary to successfully begin implementation of an Enterprise Risk Management (ERM) system. Overview Students will gain knowledge of the key RSA Archer ERM components through presentations and hands-on exercises. Audience Risk management team members who will be using the RSA Archer Risk Management solution to define, support, and maintain a risk management initiative. This may include managers, team leads, and anyone involved in scoping a risk project. Duration 2 days REGISTER FOR CLASSES: For an up-to-date schedule of Instructor-led classes and other training options, visit the RSA Training and Certification web site: CONTACT US: [email protected] Prerequisite Knowledge/Skills Familiarity with RSA Archer egrc framework and a general familiarity with organizational Risk concepts. Course Objectives Upon successful completion of this course, participants should be able to: Explain basic Risk Management terminology and methodologies Illustrate the structure of the RSA Archer Risk Management Solution Define business requirements related to Risk Management Begin the implementation process of an Enterprise Risk Management program Phone: Int l: Fax: Middlesex Turnpike Bedford, Massachusetts COURSE PART NUMBERS: ED ARCERM210 Onsite class ED ARCTRAIN UNIT Training Units 5 Page 5

8 Course Outline Introduction to Risk Management What is Risk? General Enterprise Risk Management Approach Overview Types of Risk Digging Deeper Common Frameworks Overview Developing a Common Risk Taxonomy Elements of Risk Management Phases of Growth: Risk Identification Assessment Decision Treatment Monitoring RSA Archer Risk Management Solution RSA Archer ERM Structure Components ERM Processes and Key Integrations with Other Solutions How RSA Archer Maps to Common Risk Frameworks Top-Down Risk Assessment Discussion: Common Issues for Specific Industries/Business Types Exercise: Risk Identification Exercise: Risk Assessment Exercise: Risk Decision Exercise: Risk Treatment Exercise: Metrics Monitoring Exercise: Loss Monitoring Exercise: Overall Monitoring Bottom-Up Risk Assessment Exercise: Create a new Risk Project Exercise: Complete Risk Assessments Exercise: Create reports based on new data Exercise: Bring in sample model data via Data Import Exercise: Create dashboard that incorporates model data s impact on business Copyright 2015 EMC Corporation. All rights reserved. 02/18/15 EMC 2, EMC, RSA, RSA Security, Archer and the RSA logo are registered trademarks of EMC Corporation in the United States and/or other countries Page 6

9 Getting Started with Policy and Compliance Management Course Description AT-A-GLANCE This course provides an overview of the concepts, processes, and procedures necessary to successfully begin implementation of a Policy and Compliance Management system. Overview Students will gain knowledge of the key RSA Archer Policy and Compliance Management components through presentations and hands-on exercises. Audience Policy and Compliance management team members who will be using the RSA Archer Policy and Compliance Management solution to define, implement, and maintain a policy and compliance management initiative. This may include managers, team leads, and anyone involved in consolidating policies and ensuring compliance with authoritative sources. Duration 2 days REGISTER FOR CLASSES: For an up-to-date schedule of Instructor-led classes and other training options, visit the RSA Training and Certification web site: CONTACT US: [email protected] Phone: Int l: Fax: Middlesex Turnpike Bedford, Massachusetts COURSE PART NUMBERS: ED ARCPCM210 Onsite class ED ARC TRAIN UNIT Training Units Prerequisite Knowledge/Skills Familiarity with the RSA Archer egrc framework and a general familiarity with policy and compliance concepts. Course Objectives Upon successful completion of this course, participants should be able to: Explain basic Policy and Compliance Management issues and processes Illustrate the structure of the RSA Archer Policy and Compliance Management Solution Begin the implementation process of a Policy and Compliance Management program 7 Page 7

10 Course Outline Introduction to Policy and Compliance Management Top Policy and Compliance Management Issues Policy and Compliance Processes in a Nutshell Policy and Compliance Key Components RSA Archer Policy Management Solution RSA Archer Interface RSA Archer Policy Structure Components Phased Implementation Approach Post-Implementation Processes Policy Management Exercises Exercise: Analyze Existing Policy Exercise: Define Scope Extraction & Mapping Exercise: Policy Extraction Exercise: Control Standard Extraction & Mapping Exercise: Format/Import Content Exercise: Perform a Gap Analysis Exercise: Import Provided Content Exercise: Approve a Policy Change Exercise: Policy Awareness Campaign RSA Archer Compliance Management Solution Sarbanes-Oxley Act Concerns RSA Archer Compliance Structure Components How Compliance is Rated Exception Requests Workflow Compliance Management Exercises Exercise: Review Control Procedure Mapping Exercise: Assess a Process Control Exercise: Assess a Technical Control Exercise: Address Findings Remediation Plan Exercise: Address Findings Exception Request Compliance Strategies Control-Based Compliance Asset-Based Compliance Compliance Testing Cycle Round Table Discussion Additional Resources Copyright 2015 EMC Corporation. All rights reserved. 02/18/15 EMC 2, EMC, RSA, RSA Security, Archer and the RSA logo are registered trademarks of EMC Corporation in the United States and/or other countries Page 8

11 RSA Security Operations Management Solution Basics Course Description AT-A-GLANCE This course provides an overview of the concepts, processes, and procedures to effectively use RSA Security Operations Management Solution in a Security Operations Center. Overview Students will gain knowledge of the structure and operations of the RSA Security Operations Management Solution through presentations and hands-on exercises. This course addresses the tasks and responsibilities of several typical roles and personas that are part of an organization s Security Operations Center. Audience Customers who perform the following jobs can benefit from this course: Security Operations Center (SOC) manager Breach coordinator Incident coordinator Incident handler IT Helpdesk analyst REGISTER FOR CLASSES: For an up-to-date schedule of Instructor-led classes and other training options, visit the RSA Training and Certification web site: CONTACT US: [email protected] Phone: Int l: Fax: Middlesex Turnpike Bedford, Massachusetts COURSE PART NUMBERS: ED SECOPS210 Onsite class ED ARCTRAIN UNIT Training Units Duration 2 days Prerequisite Knowledge/Skills To receive the most benefit from this training, we recommend that students have: Basic understanding of the use and management of RSA Archer and RSA Archer Enterprise Management Solution Basic understanding of the use and management of RSA Security Analytics Familiarity with basic security event reporting and analysis Familiarity with basic Security Operations Center functions and tasks Course Objectives Upon successful completion of this course, participants should be able to: Understand the industry standards such as VERIS, NIST, and SANS with respect to reporting and managing a security incident response process; and how RSA Security Operations Management Solution is so aligned Understand the high-level solution architecture of the RSA Security Operations Management Solution Explain the security operations management workflow supported by the RSA Security Operations Management Solution Explain and navigate the built-in dashboards of the RSA Security Operations Management Solution Identify and understand the differences between the six personas (roles) supported by the RSA Security Operations Management Solution Understand the workflows in the solution for the respective SOC personas Identify the phases and workflow relating to incident management Understand the contribution of RSA Security Operations Management Solution to SOC operations 9 Page 9

12 Course Outline Security Operations Management Overview Function and purpose of a Security Operations Center (SOC) Security incident response industry standards [VERIS, NIST, and SANS] Capabilities of RSA Security Operations Management Solution Solution architecture Key personas in Security Operations Management Security Operations workflow RSA Archer Enterprise Management Solution Overview Introduction to RSA Security Operations Management Solution RSA Security Operations Management Solution dashboards and navigation RSA Security Operations Management Solution implementation lifecycle Managing SOC Readiness Managing the SOC staff and Contacts Managing SOC policies and procedures Incident Response Incident response workflow Alerts and incidents; aggregating alerts Incident types Incident Declaration, Creation, Assignment, Review, and Closure Incident response tasks Incident escalation Incident investigation, forensic and impact analysis Handling shift handovers Data Breach Response Data Breach response workflow Breach risk assessment Declaring a breach Creating and assigning breach tasks Executing a call tree Remediation Issue remediation workflow Findings process Resolving and reviewing findings Exception process Remediation plan Copyright 2015 EMC Corporation. All rights reserved. 02/18/15 EMC 2, EMC, RSA, RSA Security, Archer and the RSA logo are registered trademarks of EMC Corporation in the United States and/or other countries Page 10

13 RSA Vulnerability Risk Management Basics Course Description AT-A-GLANCE This course provides an overview of the concepts, processes, and procedures to effectively use RSA Security Operations Management Solution in a Security Operations Center. Overview Students will gain knowledge of the structure and operations of the RSA Archer Vulnerability Risk Management Solution through presentations, demonstrations and hands-on exercises. This course addresses the tasks involved in receiving vulnerability data as Threat Intelligence from sources such as the National Vulnerability Database (NVM) and device asset data from vulnerability scanners such as Nessus and McAfee. Students practice matching vulnerability data with business context from RSA Archer Enterprise Management Solution and creating remediation and exception plans and processes. REGISTER FOR CLASSES: For an up-to-date schedule of Instructor-led classes and other training options, visit the RSA Training and Certification web site: CONTACT US: [email protected] Phone: Int l: Fax: Middlesex Turnpike Bedford, Massachusetts COURSE PART NUMBERS: ED VRM210 Onsite class ED ARC TRAIN UNIT Training Units Audience Customers who perform the following jobs can benefit from this course: Security Operations Center (SOC) manager Security Analyst Incident handler / Incident responder IT Helpdesk analyst Duration 2 days Prerequisite Knowledge/Skills To receive the most benefit from this training, we recommend that students have: Basic understanding of the use and management of RSA Archer and RSA Archer Enterprise Management Solution Familiarity with basic security event reporting and analysis Familiarity with basic Security Operations Center functions and tasks Course Objectives Upon successful completion of this course, participants should be able to: Understand how RSA Vulnerability Risk Management can be used to define and analyze assets, vulnerabilities and remediate risks Understand the high-level solution architecture of the RSA Vulnerability Risk Management Solution Explain the workflow supported by the RSA Vulnerability Risk Management Solution Navigate and interpret the RSA Vulnerability Analytics interface Identify the phases and workflow relating to remediation and exception processes 11 Page 11

14 Course Outline Vulnerability Risk Management Overview Challenges of vulnerability risk management Business needs for vulnerability risk management Introduction to RSA Vulnerability Risk Management Solution RSA Vulnerability Analytics and RSA vulnerability Risk Management Solution architecture RSA Vulnerability Risk Management Workflow Comparison of RSA Vulnerability Risk Management vs. RSA Archer Threat Management Solution RSA Vulnerability Risk Management Solution Implementation Lifecycle Deploying RSA Vulnerability Risk Management Identifying Data Sources Deploying RSA VRM Components Defining and Implementing Your Business Rules and Processes RSA Vulnerability Analytics Components of RSA Vulnerability Analytics Working with the Vulnerability Analytics dashboard Exploring data in reports Drilling into data with Search Automating data handling with Rules Remediating groups of issues as Tickets RSA Archer Vulnerability Risk Management Solution RSA Monitoring remediation and scan activity with RSA Vulnerability Risk Management Solution dashboards RSA Vulnerability Risk Management Solution Sub-solutions and Applications Vulnerability trending analysis Issue management Device synchronization between RSA Vulnerability Analytics and RSA Vulnerability Risk Management Solution Copyright 2015 EMC Corporation. All rights reserved. 02/18/15 EMC 2, EMC, RSA, RSA Security, Archer and the RSA logo are registered trademarks of EMC Corporation in the United States and/or other countries Page 12

15 RSA Archer Custom End-User Training Data Sheet Overview RSA Archer supports business-level management of enterprise governance, risk and compliance. With RSA Archer you have the ability to adapt a solution to your requirements without touching a single line of code. The most demanding Fortune 500 companies have seized the power of RSA Archer to automate business process, streamline workflow, control user access, and tailor a user interface and report in real time. AT-A-GLANCE Select the training option that best fits your requirements: Live, Virtual TTT: One half-day of instructor-led, Train-the- Trainer delivered virtually to your training team. Includes 10 days of custom development. ED ARC EUTTT 210 E-Learning: Self-paced, SCORMcompliant e-learning module (with audio) that provides unlimited distribution through your own training site. Includes 15 days of custom development. ED ARC EUELN 210 To ensure that your RSA Archer solution is being leveraged to its maximum potential, RSA Education Services offers the RSA Archer Custom End-User Training Service to guide you through the process of training your organization s end user population. Offering Details With practical experience using Archer solutions, business process and risk management expertise, and instructional design and training delivery skills, an RSA Training Consultant will work closely with you to understand your specific RSA Archer use case and identify learning objectives. You ll have the opportunity to review the training content along the way to ensure that you receive deliverables that will successfully meet your training objectives. While every customer s use case is unique, training may include topics like the following: RSA Archer Overview General Navigation Working with records Instructor-Led: Three days of instructor-led training delivered onsite at your location. Includes 10 days of custom development. ED ARC EUILT 210 Searching and Reporting Custom topics (defined with the customer) This education service is based on a single use case and includes the following: A needs assessment to understand the customer s use case and training requirements CONTACT US [email protected] Phone: Int l: Fax: Middlesex Turnpike A scripted PowerPoint slide deck that includes content customized to your environment Content branded with the organization s logo and standard.ppt template Unlimited use of materials for its end users Access to an editable version of the content Bedford, Massachusetts It was an absolutely fantastic course due to the instructor s energy, enthusiasm, and excitement about the product and interest in our success. The coaching and support throughout the process had a huge impact on our team. VP Educational Services Large Financial Institution 13 Page 13

16 ABOUT RSA RSA, The Security Division of EMC, is the premier provider of security, risk and compliance management solutions for business acceleration. RSA helps the world's leading organizations succeed by solving their most complex and sensitive security challenges. These challenges include managing organizational risk, safeguarding mobile access and collaboration, proving compliance, and securing virtual and cloud environments. Combining business-critical controls in identity assurance, encryption & key management, SIEM, Data Loss Prevention and Fraud Protection with industry leading egrc capabilities and robust consulting services, RSA brings visibility and trust to millions of user identities, the transactions that they perform and the data that is generated. For more information, please visit and or RSA Global Services Sales. Copyright 2015 EMC Corporation. All rights reserved. 02/18/15 EMC 2, EMC, RSA, RSA Security, Archer and the RSA logo are registered trademarks of EMC Corporation in the United States and/or other countries Page 14