- Duration: Flexible
Course details
This course on information security risk management is designed to provide an in-depth understanding of the key concepts and best practices for identifying, assessing, and mitigating potential security threats to an organization's information assets. The course will cover topics such as threat assessment, vulnerability analysis, risk assessment, and risk mitigation.
You will learn about the different types of threats that organizations face, including external threats such as cyber attacks and natural disasters, as well as internal threats such as employee negligence or sabotage. You will also learn how to identify vulnerabilities in software, hardware, and organizational processes and procedures.
You will learn how to conduct risk assessments to evaluate the potential impact of identified threats and vulnerabilities on an organization's information assets. This includes determining the likelihood of a particular threat or vulnerability being exploited, as well as the potential impact on the organization if it were to occur.
The course will also cover various risk management frameworks such as NIST SP 800-30, ISO 27005, COBIT, and NIST Cybersecurity Framework, which provide guidance on best practices for identifying, assessing, and mitigating information security risks. By the end of the course, you will have a comprehensive understanding of information security risk management and how to apply these concepts in real-world situations.
This course is suitable for professionals working in the field of information security, IT, or related fields, as well as anyone interested in learning more about how to protect organizations from potential security threats.
This course is organized in 9 sections:
Section 1 gives an introduction to the concept of Risk Management, and you will learn the concepts below:
Why to Manage Risk
Why Risk Management
Components of Risk management
Section 2 describes the Risk Management Terminologies, and you will learn the concepts below:
Importance of Risk Management Terminologies
What are Assets?
What are Threats?
What is Vulnerability?
What is Impact and Likelihood
Risk Governance Vs Risk Management
What is Risk Tolerance
Section 3 discusses Risk Management Frameworks, and you will learn the concepts below:
Risk management at a higher level
What is Risk Management Framework?
ISO/IEC31000, ISO 27005, NIST SP 800-37 and NIST SP 800-39
NIST (SP 800-37), Risk Management framework for Federal Information systems
Section 4 discusses Risk Management Process - 50,000 ft Overview, and you will learn the concepts below:
Part 1 - Frame or Setting up the Context
Part 2 - Assess the Risk
Part 3 - Respond to Risk
Part 4 - Monitor the Risk
Section 5 discusses Risk Management Framework - Part 01 Deep Dive, and you will learn the concepts below:
Scoping of Risks
Risk Management team and its efforts
Where to check if there are Existing Risks
Section 6 discusses Risk Assessment - Part 02 Deep Dive, and you will learn the concepts below:
What is Threat Modelling
Threat Modelling Techniques
Risk Assessment Methodologies
Output: Risk Assessment Results
Section 7 discusses Risk Mitigation - Part 03 Deep Dive, and you will learn the concepts below:
What is Risk Reduction or Mitigation
What is Risk Transfer
What is Risk Avoidance
What is Risk Acceptance
Section 8 discusses Risk Monitoring - Part 04 Deep Dive, and you will learn the concepts below:
Why Risk Monitoring
What to do in Risk Monitoring phase
Section 9: Bonus Section
Best Practices in Risk Management
Quiz