Risk Analysis: Security Risk Management

Risk Analysis: Security Risk Management

• discover the key concepts covered in this course
• describe risk as it relates to information systems
• differentiate between threats, vulnerabilities, impacts, and risks
• describe the first step of the NIST risk management framework, categorizing risk
• describe the second step in the RMF, selecting security controls
• describe the third step in the RMF, implementing security controls
• describe forth step in the RMF, assessing security control effectiveness
• describe the fifth step in the RMF, examining output of security controls assessment to determine whether or not the risk is acceptable
• describe the last step in the RMF, monitoring controls
• recognize the benefits of a control focused risk management approach
• recognize the benefits of an event focused risk management approach
• list keys to presenting risk to shareholders, such as soliciting stakeholder input
• differentiate between different risk responses such as accepting, avoiding, mitigating, sharing, or transferring risk
• summarize the key concepts covered in this course

Explore security risk management concepts and discover how to assess, categorize, monitor, and respond to organizational risks. Examine key terms such as threats, vulnerabilities, impacts, and risks, as well as the steps involved in the NIST risk management framework.