Search the Community

Published 6/2024 Created by Richea Perry MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz, 2 Ch Genre: eLearning | Language: English | Duration: 26 Lectures ( 2h 56m ) | Size: 1.64 GB Assessing Information Security Risk Using NIST SP 800-30r1 What you'll learn: A practical understanding of conducting a comprehensive risk assessment following NIST SP 800-30 guidelines. Foundations of assessing Information security Risk Preparation for an Information Security Risk Assessment Conducting an Information Security Risk Assessment Communicating and Sharing Results an Information Security Risk Assessment How to Maintain an Information Security Risk Assessment How to align an Information Security Risk Assessment with business objectives How to produce an Information Security Risk Assessment report to present to senior management How to develop, organize and structure an assessment team Requirements: Basic Understanding of Information Security Concepts Familiarity with Risk Management Frameworks Experience in IT or Security Roles Basic Technical Skills Awareness of Organizational Policies and Procedures Description: In this course we take a deep dive into the risk assessment element or component of the risk management process as it relates to information security.This course focuses on a practical approach to the risk assessment component of risk management-providing a step-by-step process for organizations on: (i) how to prepare for risk assessments; (ii) how to conduct the risk assessments; (iii) how to communicate risk assessment results to key organizational personnel; and (iv) how to maintain the risk assessments over time. Risk assessments are not simply one-time activities that provide permanent and definitive information for decision makers to guide and inform responses to information security risks. Rather, organizations employ risk assessments on an ongoing basis throughout the system development life cycle and across all of the tiers in the risk management hierarchy and that is what we intend to achieve by doing this course.This course is broken down as follows:SECTION-1: FOUNDATION Intro to KEY RISK CONCEPTS1- What does it mean to assess information security risks?2a- Why is it necessary and what roles does this process plays in keeping an organization's, businesses, people, processes, technology and data secure?2b-Risk assessments can support a wide variety of risk-based decisions and activitiesSECTION-2: CONDUCTING THE RISK ASSESSMENT Intro to the case scenario and its requirementsThe approach to addressing the case1-PREPARATION PHASE2-CONDUCTING THE RISK ASSESSMENT PHASE3-COMMUNICATING AND SHARING RISK ASSESSMENT INFORMATION PHASE4-MAINTAINING THE RISK ASSESSMENT PHASE5-PRODUCTING THE FINAL REPORT: Risk Assessment Report for FinSecure, Inc.Delve into this course to see the other wonderful resources presented in the following sections.SECTION-3:SECTION-4:SECTION-5 Who this course is for: Chief Information Security Officers (CISOs) Risk Assessment Managers Security Analysts Compliance Officers IT Operations Managers Incident Response Team Leads Third-Party Risk Managers Homepage