• Online, Self-Paced

This course presents a complete framework for the oversight, evaluation, mitigation, and monitoring of risks to information technology assets. Effective risk management requires a structured, organized approach that should identify high-value assets, describe their environment, analyze their vulnerabilities and threats, and assess the risks based on likelihood and impact of exploitation. Using a sound basis for risk assessment sets the foundation for risk mitigation and should be an integral part of any information security program.

Learning Objectives

  • Governance Models
  • Assessing Risk
  • Risk Mitigation
  • Risk Monitoring and Reporting

    Framework Connections

    The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

    Feedback

    If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.