This course offers an in-depth look at risk factor analyses that must be undertaken during the process of designing a flexible and comprehensive security plan. Topics include assessing security threats; developing countermeasures; and protecting information, security designs, security processes, and security analysis programs and tools.
- Given the critical need for understanding the relationships between risk assessment and an organization's security, establish the essential elements of a comprehensive security plan.
- Given the importance of protecting an organizational entity from external influences and threats, define procedures for performing a thorough review of the organization's strengths, weaknesses, opportunities, and threats (the Security Survey).
- Given the desire for business and government continuity, develop as complete a list as possible of the identifiable internal and external risks that might disrupt operations of the entity.
- Given that probability is the language of uncertainty and risk, explore the techniques used to quantify risks and to assess their relative potential impacts on the organization.
- Given that risk management is a vital part of overall security planning, identify alternative risk-mitigation strategies that may be considered for dealing with the most important risks facing the organization.
- Given that risk management is conducted within a constrained environment, examine the roles that regulatory agencies and the insurance industry play in the development and implementation of an organization's risk mitigation policies.
- Given that security planning is an ongoing activity, use a given risk scenario to develop a cost-effective security plan that can be tailored to fit various aspects of the organization (e.g., protection of human, financial, physical, and information resources).
If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.