Course details

Risk Analysis: Security Risk Management

Risk Analysis: Security Risk Management


Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level



Overview/Description

In this 14-video course, learners can explore security risk management concepts and discover how to assess, categorize, monitor, and respond to organizational risks. Examine key terms such as threats, vulnerabilities, impacts, and risks, and the steps involved in the National Institute of Standard and Technology (NIST), risk management framework (RMF). Begin by learning how risk relates to information systems, and look at the concepts of managing risks, differentiating between threats, vulnerabilities, impacts, and risks. Examine the first step of the NIST RMF, categorizing risk, and then the second RMF step, selecting security controls. Next, observe the third step, implementing security controls; the fourth step, assessing security control effectiveness; the fifth step, examining risk, and output of security controls assessment to determine whether or not the risk is acceptable; and the last step, monitoring controls. Recognize benefits of a control-focused risk management approach; the benefits of an event-focused risk management approach; and risk communication. Finally, explore risk response and remediation, and differentiating between different risk responses such as accepting, avoiding, mitigating, sharing, or transferring risk.



Expected Duration (hours)
0.6

Lesson Objectives

Risk Analysis: Security Risk Management

  • discover the key concepts covered in this course
  • describe risk as it relates to information systems
  • differentiate between threats, vulnerabilities, impacts, and risks
  • describe the first step of the NIST risk management framework, categorizing risk
  • describe the second step in the RMF, selecting security controls
  • describe the third step in the RMF, implementing security controls
  • describe forth step in the RMF, assessing security control effectiveness
  • describe the fifth step in the RMF, examining output of security controls assessment to determine whether or not the risk is acceptable
  • describe the last step in the RMF, monitoring controls
  • recognize the benefits of a control focused risk management approach
  • recognize the benefits of an event focused risk management approach
  • list keys to presenting risk to shareholders, such as soliciting stakeholder input
  • differentiate between different risk responses such as accepting, avoiding, mitigating, sharing, or transferring risk
  • summarize the key concepts covered in this course
  • Course Number:
    it_sarkandj_01_enus

    Expertise Level
    Intermediate