Our training courses help you improve the resilience of your organization in different ways.


Introduction to the CERT Resilience Management Model
This three-day course introduces a model-based process improvement approach to managing operational resilience using the CERT-RMM, a maturity model that promotes the convergence of security, business continuity, and IT operations activities to help organizations actively direct, control, and manage operational resilience and risk.

CERT Resilience Management Model Appraisal Boot Camp
This two-day course provides an overview of the CERT-RMM Capability Appraisal Method, which helps you to apply the Standard CMMI Appraisal Method for Process Improvement (SCAMPI) using CERT-RMM. Those seeking to become SEI-certified CERT-RMM Lead Appraisers must complete this course as part of their certification requirements.


Assessing Information Security Risk Using the OCTAVE Approach
In this three-day course, participants learn to perform information security risk assessments using the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) Allegro method. The OCTAVE Allegro approach provides organizations a comprehensive methodology that focuses on information assets in their operational context. You can also take the same course online.

Executive Certification

CISO Executive Education Program
This six-month program is designed for cyber professionals who are responsible for their organization's information security. As a part of the Heinz College CIO Institute, this program benefits from Carnegie Mellon University and the federally funded CERT Division of the Software Engineering Institute, both organizations recognized for their leadership in information assurance and security.

Register for Training

Register for training using the links on the left. If you have questions about any of these training opportunities, contact us.

Contact Us

Learn More About CERT-RMM and OCTAVE

CERT-RMM enables organizations to take a process improvement approach to ensuring their resilience in face of business and security challenges.

OCTAVE is a risk-based product that can be used for assessing and planning for information security.