• Online, Self-Paced
Course Description

Using on-premises and cloud computing IT environments introduces an element of risk. In this course, you'll explore risk management concepts, including gap analysis and SWOT, as well as strategies to manage risk, such as applying risk treatments and creating a risk register.

Additionally, you'll outline data governance and examine the responsibilities of specific data roles, including the data owner and data custodian. You'll then work with data classification using Amazon Macie and Microsoft FSRM.

Moving on, you'll learn how to tag cloud resources and carry out cloud risk assessments. You'll explore how to determine if specific security controls are worth implementing to protect assets. Lastly, you'll investigate how to establish a security awareness program through the organization.

This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.

Learning Objectives

{"discover the key concepts covered in this course"}

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cyber Defense Infrastructure Support
  • Cybersecurity Management
  • Risk Management
  • Systems Analysis
  • Vulnerability Assessment and Management


If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.