Overview
Every organization needs to carefully manage finite resources and budgets in the course of implementing an information security strategy in order to protect the organization while achieving its business objectives. In this course, Information and Cyber Security GRC: Risk Management, you’ll learn the fundamentals of completing a risk assessment to understand and review information security in enterprise programs and activities. First, you’ll explore the objectives of an information security risk assessment. Second, you'll learn how to build a business and technology operating model to articulate the impact of undesirable disruption to an organization’s mission. Third, you'll use this model to create risk scenarios and understand the likelihood of threats exploiting a vulnerability in your operating environment.
Syllabus
- Course Overview 1min
- Introducing Information Security Risk Assessments 10mins
- Common Procedures and Objectives 23mins
- Building a Business Impact Assessment 19mins
- Building Risk Scenarios 22mins
- Business Lifecycle and Risk 18mins
Taught by
Po Yau