Assessing Cyber Security Risk for Decision-Makers and Leaders
Identify and protect your critical assets by performing your own risk assessments
Face-to-Face Training
The Assessing Cyber Security Risk for Decision-Makers and Leaders, cyber security course will enable decision-makers at all levels to focus on critical risks and impacts to your business. It will help inform your senior management of the strategic and operational areas that require attention whilst maintaining transparency through the entire process.
Information Security Risk Assessments: A Comprehensive Guide
Are you looking to stay ahead of the curve when it comes to information security? Through this two-day course, you will learn to perform comprehensive risk assessments and use the latest electronic risk management software. With this knowledge, you can provide your organisation with a robust methodology that focuses on protecting its valuable data assets in an operational context.
What You will Learn
During this two-day course, you will be able to learn how to identify and assess risks associated with information assets. In particular, you will gain a deep understanding of the following topics:
- Threats and vulnerabilities
- Risk treatment options
- Business impact analysis (BIA) techniques
- Quantitative risk assessment techniques
You will also become well versed in using the latest electronic risk management software, which offers support for both qualitative and quantitative methods of risk assessment. This software allows users to prioritise risks according to their importance so that organisations can determine which areas require immediate attention.
You will also gain an understanding of ISO/IEC 27005, which is an international standard that provides best practice guidance on information security risk management processes. This standard provides organisations with specific criteria for assessing and managing risks so as to ensure that they have effective procedures in place for preventing unauthorised access or manipulation of sensitive data assets. It also helps organisations develop effective strategies for responding quickly and appropriately should a security breach occur. By learning about ISO/IEC 27005, participants in this course will have a better understanding of the principles behind secure information systems and be able to effectively manage their own business’s IT infrastructure.
This two-day course provides participants with an overview of how to perform comprehensive security risk assessments using industry recognised standards as well as the latest electronic risk management software tools. It equips organisations with a robust methodology that focuses on protecting their valuable data assets in an operational context. By taking part in this course, you can be sure that your organisation is staying ahead of the curve when it comes to information security!
Throughout the course, you will participate in in-class exercises and discussions, including risk identification, analysis, and response activities.
Course Outcomes
After completing the course, you will be able to:
-
Gather and organise risk information via interviews, documentation reviews, and technical analysis
-
Create risk evaluation criteria
-
Identify, analyse and prioritise information security risks.
-
Improve vulnerability management activities by viewing them in a risk context
-
Understand why managing operational risk is essential to managing enterprise risk
-
Develop risk response strategies appropriate for the organisation's business requirements
By focusing on operational risks to information assets, participants learn to view risk assessment in the context of the organisation's strategic objectives and risk tolerances.
Who should attend the course?
-
Individuals who want to be able to perform their own in house risk assessments
-
C-Suite, Security professionals, business continuity planners, compliance personnel, risk managers and others
-
Personnel need to perform a formal risk assessment to satisfy PCI-DSS requirements
-
Information Technology technicians that want to increase their knowledge of cybersecurity