Risk management is a challenge for most organizations. This course, Risk Management and Information Systems Control: Risk Identification, addresses the key parts of the risk management process starting with risk identification. The course first examines the factors that influence risk, from management attitudes and awareness to laws and standards. Next, you will learn about how to identify asset values, threats, and vulnerabilities in your organization. Last, you will learn about management's responsibilities when it comes to risk identification. By the end of this course, you will understand how to perform risk identification in your organization.
Kevin Henry is a passionate mentor and educator in the fields of information security and audit. Mixing experience with knowledge, Kevin delivers effective training programs for companies and individuals worldwide. A frequent speaker at prestigious conferences, Kevin is known for a clear understandable manner of imparting practical information and explaining difficult topics.
Course Overview Hi everyone. My name is Kevin Henry, a Security and Risk Consultant and a holder of the CRISC certification. Welcome to my course on Risk Management. This is the second course in this series that addresses the risk management process and, specifically here, examining risk identification. This leads into the next courses on Risk Assessment, Risk Response, and Risk Monitoring. These courses are an excellent overview of the risk management process, and they will also help you prepare for ISACA's CRISC, that is the Certified in Risk and Information System Control examination. I work in outreach as a Security Evangelist at Team Cymru. When we design, and implement, an IT security strategy, we depend on the quality of the data gathered in the risk management process in order to select appropriate controls. This course exams the methods and phases of risk identification. That is, to identify and document assets, threats, and vulnerabilities, and we'll begin to assess the challenging areas of impact and likelihood. This will help us prioritize and respond to risk more effectively. Some of the major topics that we will cover include the process of risk identification, the steps to collecting quality data, calculation of asset values, and identification of threats and vulnerabilities. By the end of this course, you'll have an understanding of risk management, as a whole, and the process and goals of the risk management process. This is the second course in a series of five courses on risk management and I hope you'll join me for each of them. From here, you should feel comfortable diving into the topic areas of risk assessment, risk response, and risk monitoring. I hope you'll join me on this journey to learn about risk management with this Risk Identification course at Pluralsight.