• Online, Self-Paced

Discover how to identify and manage risks associated with engaging in specific business activities supported by IT solutions. Explore threat modeling, business impact analysis, and risk acceptance, mitigation, and avoidance.

Learning Objectives

System Security Certified Practitioner (SSCP 2018): Risk Management

  • Course Overview
  • describe how proper risk management can allow businesses to engage in productive activities while maintaining levels of security
  • categorize risks using a risk register and common vulnerability scoring system, and share threat data
  • identify and prioritize potential security threats
  • determine how realized threats can negatively affect business processes
  • apply common risk management frameworks such as ISO and NIST to organizational threats
  • safely engage in endeavors that can present threats
  • offload risks to third parties
  • implement security controls to reduce the impact of realized threats
  • avoid risk by not engaging in activities that present threats
  • use industry-standard calculations to determine the feasibility of implementing a security control
  • implement risk management techniques

 

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.