Principles of Risk Management in Information Security
Your focus will be to understand how to perform information security risk assessments and how to communicate your findings to executives and the Board. Awareness of the information security risks related to confidential information, intellectual property, and the consequences of disruptions to our business objectives is increasing. We are also seeing Board’s beginning to take notice and ask questions, expecting that they will be reported to by information security just as they would Risk, Audit, Compliance and others. This course will review practical information security risk assessment frameworks and methods for quantifying uncertainties related to business decisions about information security.
At the end of the course, students will be able to:
• Describe risk, controls, risk management, and their relationship to business and information security.
• Demonstrate US and International legal and regulatory obligations impact on risk management processes and assessments.
• Show practical methods for performing risk assessments and for quantifying uncertainties related to business decisions about information security
• Explain and apply assessment methodologies and describe their use and outcomes