3213 Duke St #190
Alexandria, VA  22314
Phone 703-828-1196

Register Now for this FITSI Training Event
Event date is Monday December 12th thru Wednesday December 14th, 2016 (the exam is on Saturday, December 17th, 2016)

Event time is 8:30am to 5:30pm

Event location is Alexandria, VA.

     FITSI Member Registration - $700.00
     Public Registration - $850.00


FITSI Member registration - click the link below to register:



Public registration - click the link below to register:



Join FITSI - If you want to get the FITSI member pricing you can join the Federal IT Security Institute first, for only $45/year.

Questions?  Please contact Mr. Alana McCullough at:  training(@)fitsi.org..


Sponsored By


Site Links

About Us
Account Login
Certification Verification
Contact Us
Exam Information
FITSI Foundation
FITSP Overview
Government Adoption
Site Map



FITSI Authorized Training:  FITSP-Auditor Review Course and Certification Exam


This training class will help candidates prepare for the FITSP-Auditor certification.  The FITSP-Auditor certification is designed to demonstrate that federal workforce personnel, both federal employees and contractors, possess the knowledge of federal IT secu-rity requirements necessary to successfully audit and review the management, operational, and technical IT security con-trols for systems owned by, or operated on behalf of, the federal government. This role deals with high-level, cost-effective, risk-based IT security audit functions that assure program value is achieved within the ever-changing risk and evolving threat environments.

Class Outline

    Day 1 – Monday, December 12

  • Introductions
  • FISMA Background- Regulations & Guidelines
    • Presidential Directives
    • Office of Management and Budget
    • Department of Homeland Security
    • Committee on National Security Systems
    • National Institute of Standards and Technology
  • Risk Management Framework Overview – NIST-SP 37 R1
    • Gap Analysis
    • Step 1: Categorization
    • Step 2: Security Control Selection
    • Step 3: Implement Controls
    • Step 4: Assess Controls
    • Step 5: Authorize
    • Step 6: Continuous Monitoring
  • Step 1: Categorization
    • FIPS 199: Security Categorization Standards
    • SP 800-60: Mapping Types to Categories
  • Step 2: Security Control Selection
    • FIPS 200: Minimum Security Requirements
    • NIST SP 800-53 R4 Security Controls Catalog
  • Step 3: Security Controls Implementation
    • NIST Control Families
    • Minimum Security Requirements: FIPS 200
    • Recommended Security Controls: SP 800-53 R4

    Day 2 – Tuesday, December 13

  • Step 4: Assessment 
    • Assessing Security Controls: SP 800-53a
    • Assessment Technical Guide: SP 800-115
  • Step 5-6: Authorization & Monitoring
    • Continuous Monitoring: SP 800-137
    • CAESARS Framework Extension: IR 7756
  • Current State of Federal Information Security
    • FISMA Report
    • Inspectors General’s Findings
    • Progress
    • Path Forward

    Day 3 – Wednesday, December 14

  • Overview of NIST SP 800-53 – Recommended Security Controls for Federal Agencies and Organizations
    • Book 2 – Module 3 – Technical Controls
    • Book 2 – Module 2 – Operational Controls
    • Book 2 – Module 1 – Management Controls

    Day 4 – Saturday, December 17 – FITSP-Auditor Exam

  • 12:30 AM Registration
    • Bring two forms of ID. You must register in ADVANCE on the FITSI.org website as your registration information creates a "FITSI ID", which is necessary to take the exam.
    • You will complete a tutorial of the exam software and exam starts promptly at 9 AM.
    • 9:00 AM – 12:00 PM - Federal IT Security Professional Auditor Exam

The auditor role is designed for candidates who review and audit automated information systems found within the United States Federal Government. These are usually IT auditors that are found within the Inspector General’s community as well as public accounting companies.

Prerequisites and Advanced Preparation
Candidates should meet the prerequisites required for the certification.

Learning Level: Intermediate

Class size: 35

Vendor / Instructor profile
Tyler Harding is a Principal in Kearney & Company’s IT Advisory practice with over 17 years of IT experience. Tyler's expertise is in information security, particularly in the Federal government environment. He has worked as a consultant to CIOs and Office of Inspector General’s of Federal agencies and advised his clients on implementing the mandatory security requirements promulgated by NIST. He currently teaches both the CISA and CGEIT review courses for the local ISACA chapter in the Washington, DC area.  Tyler holds the following credentials:  CPA, CISA, CISSP, CISM, CAP, CGEIT and FITSP-A.

    The class is Monday, Tuesday. and Wednesday, December 12 - 14, 2016 from 8:30 a.m. to 5:30 p.m.  The exam is on Saturday, December 17, 2016.

    Kearney & Company
    1701 Duke St, Ste 500
    Alexandria, VA 22314

Continuing Education Units

    Parking is available in the building. The garage entrance is on Prince Street and is $15 per day. The closest metro is Blue/Yellow at King St. Walk 1/2 block down King St. and turn right onto Reineker's Lane.

Continental breakfast and lunch.

    FITSI Members:  $700
    All Others:  $850

    FITSI Members

    Public Registrations