CISM 2020: Managing IT Risk


Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description

Using on-premises and cloud computing IT environments introduces an element of risk. In this course, you'll explore risk management concepts, including gap analysis and SWOT, as well as strategies to manage risk, such as applying risk treatments and creating a risk register.

Additionally, you'll outline data governance and examine the responsibilities of specific data roles, including the data owner and data custodian. You'll then work with data classification using Amazon Macie and Microsoft FSRM.

Moving on, you'll learn how to tag cloud resources and carry out cloud risk assessments. You'll explore how to determine if specific security controls are worth implementing to protect assets. Lastly, you'll investigate how to establish a security awareness program through the organization.

This course is one of a collection of courses that prepares learners for the Certified Information Security Manager (CISM) certification.



Expected Duration (hours)
1.4

Lesson Objectives

CISM 2020: Managing IT Risk

  • discover the key concepts covered in this course
  • outline how to apply common risk management concepts, such as gap analysis, SWOT, and risk vs. incident
  • outline how to determine the risk appetite of an organization
  • list asset risks centrally in a risk register
  • outline how to determine organizational asset values
  • recognize the responsibilities associated with data roles, such as data owner and data custodian
  • recall the importance of classifying data and assigning data responsibility
  • use Amazon Macie to classify cloud data
  • use Microsoft FSRM to classify file server data
  • tag cloud resources to facilitate resource tracking
  • outline how to conduct a cloud risk assessment
  • outline how to calculate the annual loss expectancy to help in determining IT security ROI
  • recognize the importance of communicating security awareness at all levels of an organization
  • summarize the key concepts covered in this course

    • Course Number:
    it_spcism2020_02_enus

    Expertise Level
    Intermediate