US flag signifying that this is a United States Federal Government website  Official website of the Department of Homeland Security

Managing Risk in IT Organizations

Managing Risk in IT Organizations

Yellow ribbon designating a CAE InstitutionNational CAE Designated Institution
  • Online, Instructor-Led

Course Description

Managing Risk in IT Organizations is a foundational course to the program. Decisions with regards to information security need to be grounded in an understanding of the strategic value of systems and information. Identifying risk within the organization is not only important to identify priorities for resource allocation, it also provides a framework for analyzing situations. Using risk management strategies, security professionals will be able to determine appropriate defenses and responses to incidents.

Learning Objectives

  • Evaluate a situation to clearly identify a risk and potential remediation of that risk
  • Develop classifications of systems and information in order to determine priorities based on importance or sensitivity
  • Identify information and system assets that could pose significant risk to the organization if they were lost or compromised
  • Recommend strategies for mitigating risk to sensitive organization assets

Framework Connections

  • Icon that says Protect and Defend with shield depicted.
  • Icon that says Analyze with a chart graph depicted
  • Icon that says Oversee and Govern with a magnify glass depicted.

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.