This course covers the first three steps of the Risk Management Framework (RMF).  These are generally tasks assigned to the Information System Owner (ISO) and the staff that supports the development of the information system.  In the FedRAMP program, these tasks are covered in Step 1 of the FedRAMP Security Assessment and Authorization Process.