Information Security Risk Assessment through Data Collection and Analysis

SS Course: 2001234

Course Overview

Expert lecture and exercises reinforce the true value and purpose of information security risk assessments. Students gain proficiency in conducting effective risk assessments that provide a defensible analysis of residual risk associated with present risk treatment options. This course gives students the tools and skills to produce a quick, reliable, and thorough risk assessment for key stakeholders.

Scheduled Classes

What You'll Learn

Participants will do the following:

  • Identify assets that need to be protected
  • Identify what risks those assets are exposed to
  • Identify what controls are in place to offset those risks
  • Use the most efficient tools and skills to get a quick, reliable, and thorough risk assessment for key stakeholders

Outline

Module 1: Information Security Risk Assessments

Lesson 1A: What is Risk?

Lesson 1B: What is Information Security Risk Assessment?

Lesson 1C: Drivers, Laws, and Regulations

Module 2: A Practical Approach to Information Security Assessment

Lesson 2A: Risk Assessment Frameworks

Lesson 2B: OCTAVE

Lesson 2C: NIST SP 800-30

Lesson 2D: ISO 27005

Module 3: Data Collection

Lesson 3A: The Sponsor

Lesson 3B: The Project Team

Lesson 3C: Data Collection

Lesson 3D: Document Requests

Lesson 3E: IT Asset Inventory

Lesson 3F: Asset Scoping

Lesson 3G: Asset Profile Survey

Lesson 3H: Survey Support

Module 3 Exercises

Module 4: Data Analysis

Lesson 4A: Compiling Observations from Organizational Risk Documents

Lesson 4B: Preparation of Threat and Vulnerability Catalogs

Lesson 4C: Overview of the System Risk Computation

Lesson 4D: Impact Analysis Scheme

Lesson 4E: Control Analysis Scheme

Lesson 4F: Likelihood Analysis Scheme

Lesson 4G: Final Risk Score

Module 4 Exercises

Module 5: Risk Assessment

Lesson 5A: System Risk Analysis

Module 5 Exercises

Module 6: Risk Prioritization and Treatment

Lesson 6A: Organizational Risk Prioritization and Treatment

Lesson 6B: System Specific Risk Prioritization and Treatment

Lesson 6C: Issues Register

Module 6 Exercises

Module 7: Reporting

Lesson 7A: Outline

Lesson 7B: Risk Analysis Executive Summary

Lesson 7C: Methodology

Lesson 7D: Results

Lesson 7E: Risk Register

Module 7 Exercises

Module 8: Maintenance and Wrap Up

Lesson 8A: Process Summary

Lesson 8B: Key Deliverables

Lesson 8C: Post Mortem

Prerequisites

Who Should Attend

Information security and related professionals are the ideal candidates for this training course. Other professionals who may find this course useful are:

  • Risk professionals
  • Control professionals
  • Business analysts
  • Project managers
  • Compliance professionals

Next Step Courses