Information Security Manager: Information Risk Management

Risk management is the key to ensuring information assets have the right amount of protection. In this course, you'll learn how risk management directly affects security and the organization.
Course info
Rating
(11)
Level
Intermediate
Updated
Jan 22, 2018
Duration
4h 20m
Table of contents
Course Overview
Managing Organizational Information Assets
Determining Legal and Regulatory Risk Management Requirements
Elements of Risk
Conducting Risk Assessments
Implementing Risk Treatment and Response
Managing Information Security Controls
Integrating Information Risk into Business and IT
Monitoring Risk
Reporting Risk
Description
Course info
Rating
(11)
Level
Intermediate
Updated
Jan 22, 2018
Duration
4h 20m
Description

While protecting information assets is the primary goal of an information security program, risk management determines the balance between resources, compliance, and security. In this course, Information Security Manager: Information Risk Management, you'll gain a solid foundational knowledge of the risk management aspect of security, as well as skills you can use to effectively manage risk in your organization. First, you'll learn how to classify and assign value to information assets, determine legal and governance requirements for risk management, and how to quantify the elements of risk. Next, you'll explore how to conduct risk assessments and analysis to determine the amount of risk present. Finally, you'll discover risk response options, how to implement them, measure them, and report on risk. By the end of this course, you'll be well-versed in information risk management and how it affects an information security program.

About the author
About the author

Bobby E. Rogers is an information security engineer working as a contractor for Department of Defense agencies, helping to secure, certify, and accredit their information systems. His duties include information system security engineering, risk management, and certification and accreditation efforts.

More from the author
More courses by Bobby Rogers
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
I'm Bobby Rogers, and welcome to the Information Security Manager: Information Risk Management course. I'm a cybersecurity analyst, and I work as a contractor securing information systems for the U. S. government specializing in cyber risk management. Compliance, security, and risk aren't all the same thing. Rather than approach information asset protection from a strict compliance view, risk management requires looking at different changing aspects of security--assets, threats, vulnerabilities, and the likelihood and impact of a negative event. That's why we produced this course that covers implementing information risk management within your organization. We're going to talk about the key things you need to know in order to effectively manage all the aspects of risk within your organization. Some of the major topics that we'll cover include managing information assets, risk governance, risk assessment and analysis, implementing risk response, and managing information security controls. By the end of this course, you'll understand what goes into implementing an information risk management program and how critical it is in protecting assets, ensuring compliance, and saving resources. Before beginning the course, you should be familiar with security concepts and terminology associated with security management, data classification and sensitivity, and requirements for compliance within your organization. Please join me on this journey to learn and understand risk management with the Information Security Manager: Information Risk Management course from Pluralsight.