Risk Management and Information Systems Control: IT Risk Assessment

This course outlines the process of risk assessment, the follow up to the risk framing and risk identification processes done previously. This will help you understand the entire risk management process and prepare for ISACA's CRISC examination.
Course info
Rating
(16)
Level
Intermediate
Updated
Dec 16, 2016
Duration
1h 31m
Table of contents
Description
Course info
Rating
(16)
Level
Intermediate
Updated
Dec 16, 2016
Duration
1h 31m
Description

This course addresses the third part of the risk management effort, the assessment and prioritization of risk. This will ensure that management is provided complete and accurate information required to make the appropriate risk response decision. You will learn the process of risk assessment including threat and vulnerability identification, analysis of impact and likelihood of risk, and the process of communicating risk to management. As a candidate for the CRISC examination, it is essential to have a solid understanding of risk assessment.

About the author
About the author

Kevin Henry is a passionate mentor and educator in the fields of information security and audit. Mixing experience with knowledge, Kevin delivers effective training programs for companies and individuals worldwide. A frequent speaker at prestigious conferences, Kevin is known for a clear understandable manner of imparting practical information and explaining difficult topics.

More from the author
More courses by Kevin Henry
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone, my name is Kevin Henry, a security risk consultant and a holder of the CRISC certification. Welcome to my course on Risk Assessment. This is the third course in a series that addresses the risk management process. This course examines the assessment and evaluation of risk, and leads into the next courses on Risk Response and Risk Monitoring. These courses are an excellent overview of the risk management process, and it will also help you prepare for ISACA's CRISC, the Certified in Risk and Information Systems Control examination. I work in outreach as a security evangelist at Team Cymru. When we are designing and implementing an IT security strategy, we depend on the quality of data gathered in the risk management process to select appropriate controls. This course examines the methods and phases of risk assessment, that is to evaluate, prioritize, and communicate risk to management. This results in the assessment process to help management to determine the appropriate risk response strategy during the next phase of the risk management process. Some of the major topics we will cover include the process of risk assessment, prioritization of risk based on risk evaluation, identification of vulnerabilities, and communicating risk to management. By the end of this course, you'll have an understanding of risk assessment and the way that this assessment supports in the overall process and goals of risk management. This is the third course in a series of five courses on risk management, and I hope you'll join me for each one of them. From here, you should feel comfortable diving into the courses on Risk Response and Risk Monitoring. I hope you'll join me on this journey to learn about risk management with this Risk Assessment course at Pluralsight.