Information Risk Management (Part 1)

Overview/Description
Target Audience
Prerequisites
Expected Duration
Lesson Objectives
Course Number
Expertise Level

---

Overview/Description
This course covers managing information risk to an acceptable level based on risk appetite in order to meet organizational goals and objectives. You will also prepare for the CISM exam Domain 2.

Target Audience
Security practitioners who have at least five years of work experience in the field of information security, and with at least three years in the role of information security manager

Prerequisites
none

Expected Duration (hours)
0.5

Lesson Objectives

Information Risk Management (Part 1)

start the course

recognize information asset classification

assign ownership of assets and risk

evaluate impacts of events on information assets

monitor internal and external risk factors

recognize information asset valuation methods

specify legal, regulatory, and organizational requirements

recognize information security threat sources

identify events needing risk reassessment

define information threats, vulnerabilities, and exposures

describe what is involved with information risk management

Course Number:
sp_cesm_a03_it_enus

Expertise Level
Intermediate