This course presents a complete framework for the oversight, evaluation, mitigation, and monitoring of risks to information technology assets. Effective risk management requires a structured, organized approach that should identify high-value assets, describe their environment, analyze their vulnerabilities and threats, and assess the risks based on likelihood and impact of exploitation. Using a sound basis for risk assessment sets the foundation for risk mitigation and should be an integral part of any information security program.
Risk Monitoring and Reporting
The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.