Certified Information Security Manager CISM (Part 2 of 4): Risk Management

This course covers processes that deal with risk management and establishing a process for information asset classification, systematic risk assessment, business impact assessments, threat and vulnerability evaluations, identify and evaluate information security controls, lifecycle process and finally reporting changes in information. This course contains the following lessons:

Lesson 1:

• Risk Management Overview
• Importance of Risk Management
• Risk Management Outcomes.

Lesson 2:

• Information Security Risk Management
• Scope and Charter
• Roles and Responsibilities.

Lesson 3:

• Information Security Management Concepts
• Network Equipment.

Lesson 4:

• Risk Management Framework
• The External Environment
• Risk Management Context
• Gap Analysis
• Risk Analysis.

Lesson 5:

• Risk Assessment
• Other Risk Assessment Approaches
• Identification of Risks
• Risk
• Risk Analysis
• Evaluation of Risks.

Lesson 6:

• Controls and Countermeasures
• Information Resource Valuation
• Determining Classification
• Impact Continued.

Lesson 7:

• Recovery Point Objectives
• Third-Party Service Providers
• Project Management
• Risk Monitoring and Communication.