Information Security Manager: Information Risk Management

Information Security Manager: Information Risk Management
Information Security Manager: Information Risk Management
English | MP4 | AVC 1280×720 | AAC 44KHz 2ch | 4h 20m | 403 MB

Risk management is the key to ensuring information assets have the right amount of protection. In this course, you'll learn how risk management directly affects security and the organization.

While protecting information assets is the primary goal of an information security program, risk management determines the balance between resources, compliance, and security. In this course, Information Security Manager: Information Risk Management, you'll gain a solid foundational knowledge of the risk management aspect of security, as well as skills you can use to effectively manage risk in your organization. First, you'll learn how to classify and assign value to information assets, determine legal and governance requirements for risk management, and how to quantify the elements of risk. Next, you'll explore how to conduct risk assessments and analysis to determine the amount of risk present. Finally, you'll discover risk response options, how to implement them, measure them, and report on risk. By the end of this course, you'll be well-versed in information risk management and how it affects an information security program.

Table of Contents

01 - Course Overview
02 - Identifying Information Asset
03 - Scenario - Globomantics’ Information Assets
04 - Understanding Asset Value
05 - Scenario - Placing Value on Globomantics’ Information Assets
06 - Classifying Information Assets
07 - Scenario - Classifying Globomantics’ Information Assets
08 - Information Asset and Risk Ownership
09 - Scenario - Information Asset and Risk Ownership at Globomantics
10 - Assigning Information Asset Value
11 - Scenario - Asigning Value to Globomantics' Assets
12 - Summary
13 - Legal Requirements and Risk
14 - Scenario - Legal Requirements for Risk Management at Globomantics
15 - FISMA and NIST
16 - HIPAA
17 - PCI-DSS
18 - Other Regulatory Risk Management Requirements
19 - Scenario - Risk Management Governance at Globomantics
20 - Summary
21 - Describing Risk
22 - Risk Strategy
23 - Threats and Threat Actors
24 - Vulnerabilities and Assets
25 - Likelihood
26 - Impact
27 - Putting It All Together
28 - Scenario - Risk Management at Globomantics
29 - Summary
30 - Internal and External Risk Factors
31 - Scenario - Internal and External Influences on Risk at Globomantics
32 - Risk Scenarios
33 - Risk Assessments
34 - Risk Assessments Using NIST RMF
35 - Conducting the NIST Assessment
36 - Quantitative and Qualitative Risk Analysis
37 - Calculating Risk
38 - Reassessing Risk
39 - Scenario - Risk Assessments at Globomantics
40 - Summary
41 - Implementing Risk Response
42 - Risk Response Options
43 - Cost_benefit Analysis
44 - Prioritizing Risk Response Options
45 - Responding to Risk
46 - Scenario - Risk Assessments at Globomantics
47 - Summary
48 - Introduction and Control Types
49 - Control Functions
50 - Scenario - Security Controls at Globomantics
51 - Control Standards
52 - Control Assessment
53 - Control Analysis
54 - Scenario - Control Effectiveness at Globomantics
55 - Summary
56 - Business Risk
57 - Scenario - Internal and External Influences on Risk at Globomantics
58 - IT Risk
59 - Integrating Business and IT Risk
60 - Scenario - Integrating Business and Security Risk at Globomantics
61 - Summary
62 - Risk Factors
63 - Risk Metrics
64 - Scenario - Risk Metrics at Globomantics
65 - Developing and Using KPIs
66 - Developing and Using KRIs
67 - Developing and Using KGIs
68 - Monitoring Risk Factors
69 - Risk Indicators at Globomantics
70 - Summary
71 - Reporting Compliance vs. Risk
72 - Reporting Likelihood and Impact
73 - Translating IT Risk to Business Risk
74 - Risk Reports and Practices
75 - Summary