• Online, Self-Paced

The categorization of security risks is essential for effectively assessing and managing risk. In this course, you'll explore the assessment, classification, and prioritization of security risks.

You'll begin by outlining the concept of risk assessment and the advantages of different risk assessment techniques. You'll also investigate the features of security assessment methods, such as vulnerability assessment and penetration testing, and discover how to assess security vulnerability.

Moving on, you'll recognize the significance of risk categorization and how to update a risk register in Microsoft Excel using a four-quadrant risk classification matrix.

Finally, you'll identify the purpose and process of risk prioritization, and the role of a probability-impact matrix in determining risk levels. You'll then investigate how to use the matrix to prioritize risks on a security risk register.

Learning Objectives

{"discover the key concepts covered in this course"}

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):

Specialty Areas

  • Cyber Operational Planning
  • Cyber Operations
  • Cyber Defense Infrastructure Support
  • Cybersecurity Management
  • Executive Cyber Leadership
  • Risk Management
  • Threat Analysis
  • Vulnerability Assessment and Management

Specialty Areas have been removed from the NICE Framework. With the recent release of the new NICE Framework data, updates to courses are underway. Until this course can be updated, this historical information is provided to give better context as to how it can help you with your cybersecurity goals.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.