Information Security Risk Management
Intermediate
4 Hrs
Understand the concepts around managing information security risk. Conduct a risk-based evaluation of the threats around your information to gain a clear view and prioritize areas for protection.
Overview
Information Security Risk Management (ISRM) is the process of identifying, evaluating, treating and monitoring information security risks. Its goal is to raise awareness of existing threats and to establish a framework for treating them through policies, procedures, and technology, with the overall aim of reducing the risk from data threats such as cyber-attacks, insider threats, environmental disasters, third parties and others. Information risk is calculated from the likelihood that an unauthorized entity will negatively impact the confidentiality, integrity and/or availability of data that you collect, transmit, or store, and from the potential negative impact this could have.
As you progress through the course, you will learn the concepts around information security risk management. You will familiarize yourself with enterprise risk assessment, compliance risk assessment, risk treatment and the effect of these on an organization. You will also familiarize yourself with vulnerability management and with vendor and third-party risk management. Next, you will learn action tracking and auditing. In addition, you will learn to assess security controls, their implementation and their influence on information risks. Finally, you will learn to monitor and re-evaluate risks and risk treatment plans.
By the end of the course, you will be able to establish a framework around risk identification, evaluation, action and continuous monitoring, including the identification and enforcement of controls that reduce the possibility of systems, networks, and software being compromised by cyber-attack or other unauthorized activity.
What You Will Learn
- What is Information Security Risk Management (ISRM) and its main concepts.
- The importance of an Information Security Risk Management program within an organization.
- The way risk management connects with various other information security functions like vulnerability management, incident response, threat hunting and others.
- How to manage and treat risks that threaten your information assets.
- How to measure the effectiveness of your risk management program.
Prerequisites
- Basic IT Skills
- Computer systems with at least the following:
  - OS: Windows, Android or iOS-based system
  - Processor: 1.8 GHz
  - Memory: 8GB
Content
Chapter 1: Introduction
2 Videos
- Purpose and Key Concepts of Information Security Risk Management
- Scope, Roles, and Responsibilities in the Information Security Risk Management
- Chapter 1 Quiz
Chapter 2: Types and Phases of the Information Security Risk Management Process
6 Videos
- Introduction to the Section
- Information Security Risk Management Types
- Information Security Risk Management Phases – Part 1
- Information Security Risk Management Phases – Part 2
- Information Classification
- Summary of the Section
- Chapter 2 Quiz
Chapter 3: Phases of the Information Security Risk Management Process
8 Videos
- Introduction to the Section
- Identification of Information Security Risks
- Assessment of Information Security Risks – Part 1
- Assessment of Information Security Risks – Part 2
- Management of Information Security Risks – Part 1
- Management of Information Security Risks – Part 2
- Monitoring of Information Security Risks
- Summary of the Section
- Chapter 3 Quiz
Chapter 4: Information Security Controls
6 Videos
- Introduction to the Section
- Information Security Controls’ Influence on the Information Security Risk Management Process
- Types of Information Security Controls – Part 1
- Types of Information Security Controls – Part 2
- Implementation and Monitoring of Information Security Controls
- Summary of the Section
- Chapter 4 Quiz
Chapter 5: Third-party Information Security Risk Management
5 Videos
- Introduction to the Section
- Third-party/Supply Chain Risk
- Types of Third-party Risk Management
- Contracting
- Summary of the Section
- Chapter 5 Quiz
Chapter 6: Vulnerability Management, Penetration Testing, and Red Teams
5 Videos
- Introduction to the Section
- Vulnerability Management
- Red Team Activities
- Penetration Testing
- Summary of the Section
- Chapter 6 Quiz
Chapter 7: Conclusion
2 Videos
- Overview and Key Takeaways from the Course
- Thank you and Contact Information
This course is part of a learning path
467 enrollments
Career path
Information Security Specialist: Novice to Pro
Become an Information Security Specialist Without Spending a Fortune on Your Training!
Instructor
Deyan T Tsanov
Reviews
Average Course Rating: 5 (106 reviews)