• Classroom
  • Online, Instructor-Led
Course Description

Build a greater understanding of the impact of IT risk and how it relates to an overall organization. Assure development of more effective plans to mitigate risk, establish a common perspective and language about IT risk that can set the standard for your enterprise.

Learning Objectives

  • Laws, regulations, standards, and compliance requirements related to risk management
  • Components of enterprise systems architecture
  • Business goals and objectives related to risk management
  • Methods to identify risk
  • Risk scenario development tools and techniques
  • Risk identification and classification standards and frameworks
  • Elements of a risk register
  • Risk appetite and tolerance
  • Risk analysis methodologies (quantitative and qualitative)
  • Organizational structures
  • Organizational assets
  • Organizational policies and standards related to risk management
  • Business process review tools and techniques
  • Analysis techniques (e.g., root cause, gap, cost-benefit, return on investment [ROI])
  • Maturity model assessment and improvement techniques and strategies
  • Data analysis, validation, and aggregation techniques (e.g., trend analysis, modeling)
  • Data collection and extraction

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.