Risk Management and Information Systems Control
Offered By: Cybrary
Course Description
Overview
In this cybersecurity risk management course, you will learn about cybersecurity and IT manager's roles to determine and establish risk assessments for projects. This will help you identify project risks when making business decisions. You will also learn terminologies used in Risk Management by executives and managers. Additionally, will learn how to apply these concepts in your environment (devices, applications, systems and projects).
This is not a class about operations on securing networks or devices. This is a class about providing the mindset needed to think about processes, procedures and controls regarding flow of information and determining risks and quantifying it for management to make decisions properly. Concepts such as assets, threats and vulnerabilities that establishes risk and the ways to measure it such as Qualitative and Quantitative Risk measurements.
You can then apply the knowledge from this course to design and request projects better as you are able to provide a better business case and justify budget as it pertains to the risk associated with the project. You can then provide and justify a preliminary risk analysis to assist in building a better business justification of a project.
We will discuss real world examples and white papers from other organizations and do an autopsy of such failures in establishing risk that led into outages or breach. We will also look into how management failed to establish and identify their risk accordingly.
Prerequisites for this Cybersecurity Risk Management Course
Basic understanding of network devices, systems and applications used by a business. Some basic understanding of business concepts such as ROI and budgets as well as some project experience.
Cybersecurity Risk Management Course Goals
By the end of this cybersecurity risk management course, students should be able to:
- Understand concepts with regards to Risk Management
- Understand concepts about establishing Information System Controls
- Understand terminologies used in risk management
- Be able to provide preliminary risk analysis
- Be able to use qualitative and quantitative risk measuring techniques for providing risk calculations to management
What is Cybersecurity Risk Management?
Risk management typically refers to the forecasting and evaluating of risks along with the identification of strategies and procedures that can be used to prevent or minimize their impact. Cybersecurity risk management is used to guide many IT decisions as these risks continue to create critical outcomes that negatively affect the overall health and performance of organizations.
What Does this Cybersecurity Risk Management Training Entail?
In this security risk management training, students will learn about the principles of risk management and the four key elements:
- Risk Identification
- Risk Assessment
- Risk Response
- Risk Monitoring
Students will learn to identify cybersecurity related threats and vulnerabilities, to determine the risk level of those vulnerabilities, to define controls and safeguards, and to perform cost-benefit analysis or business impact analysis.
The Risk Management Micro Certification prepares students to perform the four key elements, which is typically the primary responsibility of most information security professionals. Students will also learn best practices as they relate to cybersecurity risk management. These are skills that, once learned, will be immediately beneficial to the organizations that students work for.
At the end of the training, there is a skill certification test that will assess the students’ grasp of risk management for cybersecurity. The total clock hours for the course is 5 hours and 20 minutes. Students will earn 4 CEU/CPE and a Risk Management Certificate of Completion when they finish the course.
Who Should Take this Cybersecurity Risk Management Training?
This security risk management training is ideal for IT managers, cybersecurity managers, and those IT professionals who aspire to be managers. However, as an introductory course, it’s also designed for anyone with a desire and willingness to learn about risk management in the cybersecurity and IT fields.
Having basic knowledge of information security and information security management topics will be helpful for students, but it isn’t a prerequisite. The class will be facilitated using a step-by-step approach for performing a risk assessment no matter what their technical information security or management background is.
Why is Security Risk Management Important?
Cybersecurity is frequently considered to be an IT issue. However, when thought of in broader terms, it’s a strategic risk management issue that involves people, processes, technologies, policies, and intelligence. There are very clear benefits that organizations will enjoy when they adopt a risk management approach to cybersecurity:
- Operational benefits – The right cybersecurity approach and compliance culture along with the right set of technologies allows organizations to reap the natural operational benefits that come with it, such as more robust policies and processes.
- Strategic benefits – A risk management approach to cybersecurity in which all security team members are more aware of potential risk exposure across the organization creates a better security posture overall. That, in turn, will create a higher level of confidence in the investors and shareholders.
- Financial benefits – The careful evaluation and mitigation of cybersecurity risks can ultimately lead to financial benefits in the form of reduced potential fines, prevention of losses due to cyberattacks, and the minimization of the financial impact in case of data breaches.
If you are interested in risk management as it applies to cybersecurity, this security risk management training is the best place to start. It’s easy to enroll, just click on the Register button in the top right corner of this screen to begin.
Syllabus
- Risk Management in Information Technology
- Risk Management Introduction
- What is Risk?
- Terms in Cybersecurity
- What is Risk Management?
- Risk Assessment Process
- Qualitative Risk Assessment
- Quantitative Risk Assessment
- Risk Mitigation
- Risk Avoidance
- Risk Transference
- Risk Acceptance and Risk Rejection
- Course Review
- Course Assessment
- Course Assessment - Risk Management and Information Systems Control
Taught by
Robert Guana
Related Courses
Security Principles(ISC)² via Coursera Emergency and Disaster Training and Exercising: An Introduction
Coventry University via FutureLearn A General Approach to Risk Management
University System of Georgia via Coursera A Strategic Approach to Cybersecurity
University of Maryland, College Park via Coursera Academia de auditoría en la nube: independencia en la nube (Español LATAM) | Cloud Audit Academy - Cloud Agnostic (Spanish from Latin America)
Amazon Web Services via AWS Skill Builder