• Online, Self-Paced

Security Professionals rely on risk management to justify and develop an Information Security program. In this course, Risk Assessment and Management, you will learn comprehensive knowledge of risk management and the theories, concepts, and practices of threat modeling and enterprise risk management. First, you will learn about establishing the context for risk management. Next, you will compare the various methods of risk assessment. Finally, you will examine the options for risk response and monitoring. When you're finished with this course, you will have the skills and knowledge of information security needed to be an effective manager and practitioner in information and risk management.

Learning Objectives

  • Risk Frameworks- ISO27005, 31000, NIST, HTRA
  • Framing Risk
  • Assessing Risk
  • Mitigating Risk
  • Monitoring Risk

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.