Information Risk Management (Part 2)


Overview/Description
Target Audience
Prerequisites
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description
In this course, you will learn to manage information risk to an acceptable level, based on risk appetite in order to meet organizational goals and objectives. This course helps prepare you for the CISM exam Domain 2.

Target Audience
Security practitioners who have at least five years of work experience in the field of information security, and with at least three years in the role of information security manager

Prerequisites
None

Expected Duration (hours)
0.5

Lesson Objectives

Information Risk Management (Part 2)

  • start the course
  • identify risk assessment and analysis methodologies
  • prioritize risk scenarios and treatment
  • specify risk reporting requirements
  • apply risk treatment and response methodologies
  • compare control baselines and standards
  • analyze information security controls and methods
  • describe information security gap analysis techniques
  • define risk management for business and IT processes
  • specify compliance reporting requirements and processes
  • perform cost benefit analysis for risk assessment
  • describe information risk management

    • Course Number:
    sp_cesm_a04_it_enus

    Expertise Level
    Intermediate