Build a greater understanding of the impact of IT risk and how it relates to an overall organization. Assure development of more effective plans to mitigate risk, establish a common perspective and language about IT risk that can set the standard for your enterprise.
Learning Objectives
- Laws, regulations, standards, and compliance requirements related to risk management
- Components of enterprise systems architecture
- Business goals and objectives related to risk management
- Methods to identify risk
- Risk scenario development tools and techniques
- Risk identification and classification standards and frameworks
- Elements of a risk register
- Risk appetite and tolerance
- Risk analysis methodologies (quantitative and qualitative)
- Organizational structures
- Organizational assets
- Organizational policies and standards related to risk management
- Business process review tools and techniques
- Analysis techniques (e.g., root cause, gap, cost-benefit, return on investment [ROI])
- Maturity model assessment and improvement techniques and strategies
- Data analysis, validation, and aggregation techniques (e.g., trend analysis, modeling)
- Data collection and extraction
Framework Connections
The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):
Specialty Areas
- Risk Management
Feedback
If you would like to provide feedback on this course, please e-mail the NICCS team at NICCS@mail.cisa.dhs.gov. Please keep in mind that NICCS does not own this course or accept payment for course entry. If you have questions related to the details of this course, such as cost, prerequisites, how to register, etc., please contact the course training provider directly. You can find course training provider contact information by following the link that says “Visit course page for more information...” on this page.