3213 Duke St #190
The FITSP program is represented by the FITSP FBK (Federal Body of Knowledge). The FBK is broken down into six domains. A domain is considered an area of knowledge.
Each certification role contains the same six domains but is tested on a different set of publications, themes, and topical areas that are relevant to each respective job role.
See the CEG (Candidate Exam Guide) for each respective FITSP certification role for a full breakdown of publications, themes, and topical area that are covered.
Candidates who pursue the FITSP certification will be required to be proficient in each of the following six content areas.
1. NIST Special Publications - This domain focuses on the full range of NIST 800 series special publications.
2. NIST Federal Information Processing Standards - This domain focuses on roughly 13 Federal Information Processing Standards depending upon the role based certification pursued (i.e., FIPS 140-2, FIPS 180-3, FIPS 197, etc.).
3. NIST Control Families - This domain focuses on the 18 control families as defined in NIST SP 800-53. Candidates are expected to be familiar with the 18 control families and corresponding controls from each family.
4. Government Laws and Regulations - This domain focuses on the memorandums, circulars, executive ordes, and laws that are required by OMB, Congress and Presidential Directives. Examples would include the FDCC as detailed in OMB M07-11, FISMA, OMB A-130 Appendix III, HSPD-12, etc.
5. NIST Risk Management Framework - This domain focuses on the NIST RMF in support of system authorization. Documents such as NIST SP 800-37 Rev 1 and supporting documents are tested.
6. NIST Interagency Reports - This domain focuses on several key NIST Interagency Reports that have been published to date.