Information Risk Management
- CPE Credits: 8
- Prerequisites: None
- Learning Level: Basic
- Instructional Method: Group/Live
- Field of Study: Information Technology – Technical
Course Revision Date: March 1, 2023
Course Description
In today’s 24/7 always on, globally wired, digital era, as organizations critically depend upon information technology (IT) systems to process their information for better support of their missions, risk management plays a critical role in protecting an organization’s information assets, and therefore its mission, from IT-related risk.
An effective risk management process is an important component of a successful IT security program. The principal goal of an organization’s risk management process should be to protect the organization and its ability to perform their mission, not just its IT assets. Therefore, the risk management process should not be treated primarily as a technical function carried out by the IT experts who operate and manage the IT system, but as an essential management function of the organization.
This presentation provides an overview into the specific criteria, steps and actions necessary to implement and sustain a comprehensive Information Risk Management program.
Audience
- Internal and external auditors (IT, financial, operational)
- Management consultants
- Big 4 Senior Managers/Partners
- General Counsels and attorneys
- C-suite members (CFO, CRO, CEO, CIO, CSO)
- Controllers
- Risk Compliance Officers
- Directors of Human Recourses
- Professionals involved in organizational or IT GRC strategic initiative
Objectives
After completing this presentation, the participant will be able to:
- Identify threats, vulnerabilities and exposures to organizational data and information assets
- Address various risk methodologies and assess application to individual enterprise environments
- Explain and utilize risk assessment and analysis methodologies
- Assess information security controls and countermeasures and their effectiveness
- Develop risk mitigation strategies for critical organizational information resources
Course Outline
Please contact Al with a request for a detailed course outline…
Need more information?
If have questions or would like more information about any of our courses please contact us using the form below. We look forward to hearing from you.
Request a Consultation Today
We provide a variety of consultation services and training options to fit the demanding and changing needs of our clients. Contact us today and we will help you determine the best way to meet your goals.
BAC is a vetted, current provider of training courses through the NICCS Education and Training Catalog. BAC’s courses are aligned to the specialty areas of the National Cybersecurity Workforce Framework.