This course presents a complete framework for the oversight, evaluation, mitigation, and monitoring of risks to information technology assets. Effective risk management requires a structured, organized approach that should identify high-value assets, describe their environment, analyze their vulnerabilities and threats, and assess the risks based on likelihood and impact of exploitation. Using a sound basis for risk assessment sets the foundation for risk mitigation and should be an integral part of any information security program.
- Governance Models
- Assessing Risk
- Risk Mitigation
- Risk Monitoring and Reporting