Ensuring compliance with applicable regulatory drivers
Protecting the organization from unacceptable losses
Describing the Risk Management Framework
Applying NIST/ISO risk management processes
Characterizing System Security Requirements
Outlining the system security boundary
Pinpointing system interconnections
Incorporating the unique characteristics of Industrial Control Systems (ICS) and cloud-based systems
Identifying security risk components
Estimating the impact of compromises to confidentiality, integrity and availability
Adopting the appropriate model for categorizing system risk
Setting the stage for successful risk management
Documenting critical risk assessment and management decisions in the System Security Plan (SSP)
Appointing qualified individuals to risk governance roles
Reducing Risk Through Effective Control Implementation
Maximizing security effectiveness by “building in” security
Reducing residual risk in legacy systems via “bolt-on” security elements
Formulating an authorization recommendation
Evaluating overall system security risk
Mitigating residual risks
Publishing the Plan of Action and Milestones, the risk assessment and recommendation
Preserving an acceptable security posture
Delivering initial and routine follow-up security awareness training
Collecting on-going security metrics
Implementing vulnerability management, incident response and business continuity processes
For whom: Auditors, directors of security compliance, information assurance management, system administrators, and any security engineers, compliance directors, managers and auditors; potentially any SANS alumni.
This Cyber Security Risk Assessment and Management course will teach you how to conduct a security risk assessment to protect your organization. You will learn about the laws and regulations that impose strict cyber security requirements on all organizations, and gain the skills to develop a compliance assessment plan and employ a standards-based risk management process while maintaining a satisfactory security posture. By the end of this workshop, participants will be able to:
Implement standards-based, proven methodologies for assessing and managing the risks to your organization’s information infrastructure
Select and implement security controls that ensure compliance with applicable laws, regulations, policies, and directives