(ISC)² Education & Training

Course 8: Maturing Risk Management

In management science terms, maturing a process or practice means taking positive steps over time to make it more reliable, repeatable and efficient. In practice, this means getting better every day while producing the measurements that demonstrate improvement and point to further opportunities to improve. As we saw in chapters one and two, risk management for information-intensive organizations works best when it uses evidence-based reasoning to identify and characterize issues and to take action as necessary to resolve them. Course 8 brings together numerous threads that are intrinsically related to managing the risks associated with information systems, starting from the fact that cyber attack is a risk for every organization. This course brings these ideas together in a context of continuous maturity modeling, measuring and monitoring.

Risk alignment works best at the strategic, long-term level of planning. By contrast, risk maturation is most effective when considered in day-to-day business operations. This is sometimes called operationalizing one's approach to risk management and maturation. Operationalizing risk management asks us to take the life cycle models for systems, software and data and pivot them around business operations. We'll take the view of the workers who use the business logic and the systems, or of the people who oversee the robotics and internet of things on the factory or warehouse floor, and see what each of the security disciplines brings to them.

This course has five content modules and a review. Module 1 focuses on change management and shows how this detailed, administratively intense process plays a primary role in protecting information systems; we'll also look at its vital contributions to incident response and remediation. Module 2 shows how physical security design principles are used to monitor and control the flow of physical objects in and out of various security zones. This module also considers the operational effects of safety planning and preparation on people and property, as well as on the availability and integrity of systems and information. Module 3 offers a different attitude and mindset about empowering and enabling the people in the organization to become more effective contributors to, and proponents of, its information security. Traditional security training programs have too often failed to help people do their jobs safely and securely; newer concepts such as microtraining demonstrate that security education and awareness can add real value to the security process. Module 4 shows that system security assessment should be an ongoing task: security has always required continuous vigilance, and formal and informal audits demonstrate just how effective an organization's security controls are as its process of maturing those controls continues to improve their performance. Module 5 brings many of these ideas and concepts together through business continuity and disaster recovery planning, with emphasis on the operational support of these tasks in both the planning and execution stages. We've prepared the foundations so you can bring the concepts covered thus far into a cohesive daily operational context.

Course 8 Learning Objectives

After completing this course, the participant will be able to: 

L8.1 - Identify operational aspects of change management.

L8.2 - Summarize physical security considerations.

L8.3 - Design a security education and awareness strategy.

L8.4 - Recognize common security assessment activities.

L8.5 - Classify the components of a business continuity plan and disaster recovery plan.

Course Agenda

Module 1: Participate in Change Management (Domain 1 - Security Operations and Administration)

Module 2: Physical Security Considerations (Domain 1 - Security Operations and Administration)

Module 3: Collaborate in Security Awareness and Training (Domain 1 - Security Operations and Administration)

Module 4: Perform Security Assessment Activities (Domain 3 - Risk Identification, Monitoring and Analysis)

Module 5: Understand and Support the Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP) (Domain 4 - Incident Response and Recovery)

Who Should Take This Course: Beginners

Experience Required: No prior experience required

Syllabus

Module 1: Participate in Change Management
An important function of the IT department is to maintain information systems and to upgrade, enhance and revise them as necessary. Information systems are subject to many changes and modifications: system patches, new technology or functionality, correction of process errors or recovery from system failures. The IT department must be able to manage change in order to support business operations and to ensure the security of the systems. The problem is that change itself poses a significant risk to the organization: because of changes, systems may fail, functionality may be lost, security vulnerabilities may be introduced and data integrity may be compromised. This requires the development and implementation of a change management process that entails the documentation, testing and approval of all changes, and thereby avoids business interruption.
Module 2: Physical Security Considerations
Physical and environmental security are often the responsibilities of departments other than IT, such as the physical security department or the facilities management group. These departments play an important role in providing a resilient and reliable operating environment for other areas of the organization, including IT. The security professional may be required to work with these departments to ensure that information systems are supported with electrical power, fire protection, physical access security, surveillance and protection from threats such as theft, vandalism and natural disasters. It can even be said that physical security should be a higher priority than most other forms of security, such as passwords, firewalls and procedures. If an adversary can gain physical access to a server room, the adversary can bypass all of the other forms of control and circumvent the security defenses. An adversary in a server room or wiring closet can install a wireless device or sniffer, cut or re-route cables, or disable equipment, among other things.
Module 3: Collaborate in Security Awareness and Training
Experience shows that it's relatively easy to establish and maintain a security education, awareness and training program for almost any organization. The difficulty with such a program is measurably demonstrating its effectiveness. Two major conflicts present themselves when the security team tries to engage with end users at large. The first is rooted in the perception that security measures cost the end user time and effort to comply with: work could get done so much more quickly and easily, this view argues, if all these extra security hurdles didn't have to be jumped over all the time. The second reflects the users' perception that most security training is an even further waste of their time. Both perceptions work against the effective adoption of security controls by end users and discourage them from taking responsibility for their own learning, and thus from gaining the most value possible from the training presented to them.

As with access control and identity management, it is high time for a dose of just-in-time learning in security. Security training consultants and specialist firms have significantly changed their approaches to helping users learn what they need when they need it. Microtraining, for example, breaks the training experience into steps that might last less than one minute. In that minute, the microtraining engages the learner and has them take actions related to how they perform their normal jobs, structured as part of the teaching and learning process. Measuring the effectiveness of a training program has likewise suffered from a lack of innovation and maturation. This can change: user behavior modeling and analysis tools can gather data that highlights when individual users or groups of users need specific refresher learning opportunities. Let's see how ideas like these can be put into practice and how we can assess their effectiveness.
Module 4: Perform Security Assessment Activities
Security assessment determines whether the controls implemented to reduce risk have been implemented as designed, are operating as expected and are achieving the desired result. This assurance can come from outside organizations evaluating the control environment or from actions the organization itself takes to evaluate the performance of its controls. Security assessment is performed by conducting inspections, audits and tests; the results of investigations into anomalies and security incidents can also provide valuable insight into the assessment process. Assessment and testing must be performed consistently and the results communicated properly so that the organization's management understands the risks it faces. Security or controls audits are formal assessments, normally performed to assure external evaluators that an organization's controls meet compliance expectations. Ultimately, the results of audit, assessment and testing activities allow the organization to identify control gaps and inefficiencies, and this information is the starting point for continual process improvement.

The security professional should be familiar with the strategies, techniques and processes by which organizational expectations for controls are set, evaluated and improved. They should be able to explain the basic flow of audit and assessment activities and describe the tools and artifacts that support data-driven decision-making. Collectively, this should enable the security professional to develop an organizationally appropriate assessment program.

It is tempting to think that much of the burden of security assessment and testing falls in the development phase of a major software system's lifecycle. Two factors show that this would be an unwise and unsafe assumption for security professionals or system owners to make. The first is that many systems are turned over to operational users with inadequate functional testing completed: many development projects fall behind schedule, and since the last tasks on the timeline feel the pressure to cut corners, testing is often rushed, abbreviated or skipped. The second is that many commercial systems are developed with a less robust view of security, safety, resilience and data protection than is required to defend against today's sophisticated threats. Both factors mean that many organizations are failing security assessments, audits and compliance reviews, or failing to win new business, as a result of building their business processes atop an insecure software and systems base. It also means that security professionals are often confronted with deployed, in-use systems in need of a thorough security assessment, including testing, to meet evolving business needs and the changing threat landscape.

This starts (as does this module) with understanding the objectives of a security assessment, which lead to the strategy that will guide its accomplishment. That strategy provides the framework for vulnerability assessments and the testing techniques used to perform them, including a deeper dive into wireless network security testing. Ethical penetration testing can and should be a regular component of nearly every organization's security assessment and operations plan. We'll take a closer look at what makes it unique and valuable, and at how ethical penetration testers work with the organization's leadership and its technical and security teams to preserve the integrity of the testing with minimal disruption to daily business. Audits, both formal and informal, provide a structured way to review all of the control systems the organization has in place. Many of these are known as internal controls over financial reporting (ICOFR or ICFR); in this era of ransomware as big business, security professionals need to be far more conversant with how information about the flow of money must be protected.
Module 5: Understand and Support the Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP)
The incident triage process (described in Module 1) may identify that a particular event or set of events needs more than the incident response process to handle it. Two specific types of plans are typically used to define these responses, prepare the organization and guide its teams in dealing with such events. It's an easy mistake to think that disaster recovery plans (DRPs) are broad and all-encompassing, dealing with recovery from earthquakes, hurricanes, fires or major cyberattacks; in reality, the scope of a DRP is much narrower. DRPs and their activities deal with the restoration of the information and communications systems and technologies that support urgent business or organizational needs. (It would not be surprising if organizations that rely on IoT, SCADA or process control systems start reshaping their classic DRPs to also address their critical OT systems and capabilities.) It is the business continuity plan (BCP) that takes in the much broader scope of activities required to keep an organization alive and operating as it recovers from the immediate effects of a disruptive incident and then restores non-critical services and activities so it can move forward. Let's see how the security professional supports these plans, during both their development and their operational activation and use.
Module 6: Chapter 8 Review
Chapter 8 brought together many different aspects of information systems security, binding them together with several important ideas. First, systems must be managed if they are to be protected and kept secure. One form of management is configuration management (CM), in which we ensure that changes are made only when authorized; when effective, CM systems can become part of the arsenal of intrusion detection capabilities, because a change that no authorized request accounts for is itself an indicator. Physical security measures were placed in the context of protecting and sustaining the organization, its systems and its people. In many organizations, these physical security control systems are data-driven and thus tightly integrated with the overall IAAA (identification, authentication, authorization and accountability) and incident detection capabilities. SUNBURST and other recent attacks affecting SCADA, ICS and other operational technology (OT) systems highlighted the need for many organizations and security professionals to expand their horizons beyond the edge of the organization's TCP/IP networks, databases and web pages, and beyond its traditional view of the threat landscape.

We also saw that effective systems management requires measurement, observation, testing and analysis in order to know what today's security posture really is, and to inform decisions about where, when and how to improve it. Inspections, assessments, audits and ethical penetration testing were all viewed in this context.

Two other major topic areas, business continuity and security education, training and awareness, come together in surprising ways. Many of us who've served in our nation's militaries, police or emergency first responder corps know that humans in highly disruptive situations often must fall back on their training if they are to remain calm, not panic and deal thoughtfully with the situation one step at a time. Microtraining is an excellent example of this. By popping up a mock phishing or malware-based attack when an end user least expects it, microtraining presents users with the chance either to fall back unthinkingly on habit, or to stop, observe, orient themselves to a potential security issue and then decide what to do. Awareness, training and education efforts can give employees the skills and the frame of mind they need to deal with disruptions of any scale, whether simulated or real. As with other aspects of information systems security, continuity of operations and disaster recovery require extensive preparation, and one of the most important tasks in that preparation is readying one's people to adapt and overcome as a team.
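The point made in Module 1 and again in this review, that change control doubles as a detection control once every change must trace back to an authorized change record, can be shown concretely. The following is an added example, not material from the (ISC)² course: it compares file digests observed on a host against an approved baseline and a change-ticket register (both constructed here; the ChangeRecord fields and the path names are assumptions) and flags every change that no approved ticket with an open implementation window accounts for.

```python
"""Change control as a detection control (added example; hypothetical data).

The approved baseline and the change-ticket register are assumed inputs: a
real deployment would take the baseline from a file integrity monitor or CM
database and the tickets from the change-management system.
"""
from dataclasses import dataclass
from datetime import datetime, timezone
import hashlib


@dataclass(frozen=True)
class ChangeRecord:
    """One change request from the (assumed) change-management register."""
    ticket: str
    paths: frozenset         # files the ticket authorizes changes to
    window_start: datetime   # approved implementation window
    window_end: datetime
    approved: bool           # a requested-but-unapproved ticket authorizes nothing


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def covering_ticket(path, when, records):
    """Return the approved ticket that authorizes changing `path` at `when`, else None."""
    for rec in records:
        if rec.approved and path in rec.paths and rec.window_start <= when <= rec.window_end:
            return rec.ticket
    return None


def audit_changes(baseline, observed, records, observed_at):
    """Compare observed file digests with the approved baseline.

    baseline, observed: dict of path -> sha256 hex digest.
    Returns dict of path -> (verdict, ticket or None). Any verdict ending in
    'unauthorized' is a change with no approved ticket: the signal the course
    describes, since an intruder's changes never come with a ticket.
    """
    findings = {}
    for path in sorted(set(baseline) | set(observed)):
        before, after = baseline.get(path), observed.get(path)
        if before == after:
            findings[path] = ("unchanged", None)
            continue
        ticket = covering_ticket(path, observed_at, records)
        if ticket is not None:
            findings[path] = ("authorized", ticket)
        elif after is None:
            findings[path] = ("deleted_unauthorized", None)
        elif before is None:
            findings[path] = ("created_unauthorized", None)
        else:
            findings[path] = ("modified_unauthorized", None)
    return findings


def unauthorized_paths(findings):
    """Paths whose change has no approved ticket, for the incident queue."""
    return sorted(p for p, (verdict, _) in findings.items() if verdict.endswith("unauthorized"))


# Constructed sample data (not taken from any real system).
UTC = timezone.utc
BASELINE = {
    "/etc/ssh/sshd_config": sha256_hex(b"PermitRootLogin no\nPasswordAuthentication no\n"),
    "/etc/sudoers": sha256_hex(b"root ALL=(ALL) ALL\n"),
    "/usr/local/bin/backup.sh": sha256_hex(b"#!/bin/sh\nrsync -a /data/ /backup/\n"),
}
OBSERVED = {
    # hardening change covered by ticket CHG-1042
    "/etc/ssh/sshd_config": sha256_hex(b"PermitRootLogin no\nPasswordAuthentication no\nMaxAuthTries 3\n"),
    # privilege grant with no approved ticket
    "/etc/sudoers": sha256_hex(b"root ALL=(ALL) ALL\nwww-data ALL=(ALL) NOPASSWD: ALL\n"),
    "/usr/local/bin/backup.sh": BASELINE["/usr/local/bin/backup.sh"],
    # new executable nobody requested
    "/usr/local/bin/.cache.sh": sha256_hex(b"#!/bin/sh\nnohup /tmp/agent &\n"),
}
RECORDS = [
    ChangeRecord("CHG-1042", frozenset({"/etc/ssh/sshd_config"}),
                 datetime(2024, 3, 10, 22, 0, tzinfo=UTC), datetime(2024, 3, 11, 2, 0, tzinfo=UTC), True),
    ChangeRecord("CHG-1050", frozenset({"/etc/sudoers"}),  # requested, not yet approved
                 datetime(2024, 3, 12, 22, 0, tzinfo=UTC), datetime(2024, 3, 13, 2, 0, tzinfo=UTC), False),
]
OBSERVED_AT = datetime(2024, 3, 11, 0, 30, tzinfo=UTC)   # scan inside CHG-1042's window
OBSERVED_LATE = datetime(2024, 3, 11, 5, 0, tzinfo=UTC)  # scan after the window closed

if __name__ == "__main__":
    for path, (verdict, ticket) in audit_changes(BASELINE, OBSERVED, RECORDS, OBSERVED_AT).items():
        print(f"{verdict:22} {path}" + (f"  ({ticket})" if ticket else ""))
```

Two details carry the security point. A ticket that exists but is not approved (CHG-1050 here) authorizes nothing, so the sudoers grant is still flagged; and the same sshd_config change that is authorized during its window is flagged when the scan runs after the window closed, which is how a legitimate change made at the wrong time, or an attacker hiding behind an old ticket, surfaces for review.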

Activities

Supplement your coursework on Maturing Risk Management with these activities:

Review change management concepts
Refresh your understanding of change management principles and processes to enhance your comprehension of Module 1.
  • Revisit materials from previous courses or certifications related to change management.
  • Review industry articles and case studies on effective change management practices.
  • Attend webinars or online seminars on change management methodologies.

Participate in a discussion forum on change management
Exchange knowledge and insights with peers to deepen your understanding of change management practices.
  • Join online forums or discussion groups dedicated to change management.
  • Engage in discussions, ask questions, and share experiences related to change management.

Conduct a physical security assessment
Engage in a hands-on activity that reinforces the concepts of physical security design and implementation.
  • Identify and document potential threats and vulnerabilities to a physical facility.
  • Assess existing security measures and evaluate their effectiveness.
  • Recommend improvements to enhance physical security and mitigate risks.

Explore microtraining resources
Familiarize yourself with microtraining techniques to enhance your understanding of security awareness and training.
  • Identify online platforms or vendors that provide microtraining content.
  • Enroll in or explore free microtraining modules related to security awareness.
  • Evaluate the effectiveness and applicability of microtraining to your organization.

Attend a workshop on physical security best practices
Gain hands-on experience and practical guidance on implementing physical security measures.
  • Identify and register for workshops or seminars related to physical security.
  • Attend the workshop and actively participate in discussions and exercises.
  • Apply the knowledge and skills gained to enhance your organization's physical security posture.

Design a security assessment plan
Apply your knowledge of security assessment techniques to create a comprehensive plan that aligns with organizational needs.
  • Define the scope and objectives of the security assessment.
  • Identify the assets and systems to be assessed.
  • Select and apply appropriate assessment techniques.
  • Develop a reporting framework to communicate assessment findings.

Contribute to an open-source security awareness project
Apply your understanding of security awareness principles by contributing to community-driven projects.
  • Identify open-source projects focused on security awareness and education.
  • Review the project's documentation and identify areas where you can contribute.
  • Submit code changes, documentation updates, or other contributions that enhance the project.

Develop a business continuity plan (BCP)
Demonstrate your understanding of business continuity principles by creating a comprehensive BCP.
  • Identify critical business functions and their dependencies.
  • Develop a strategy to maintain essential operations during a disruption.
  • Establish communication channels and protocols for incident response.
  • Test and exercise the BCP to ensure its effectiveness.

Career center

Learners who complete Maturing Risk Management will develop knowledge and skills that may be useful to these careers:
Information Security Analyst
An Information Security Analyst uses technical knowledge to help identify, prevent and resolve security vulnerabilities across the organization. This course helps those in this role by providing an overview of several aspects of information systems security, along with the strategies, techniques and processes by which organizational expectations for controls are set, evaluated and improved.
Security Architect
Security Architects design, implement, and maintain an organization's IT security infrastructure. This involves working with a variety of security technologies, including firewalls, intrusion detection systems, and encryption. This course is a valuable resource for Security Architects as it provides them with an overview of several aspects of information systems security. It also walks through security assessment activities commonly performed by security professionals.
IT Auditor
IT Auditors examine an organization's IT systems and processes to ensure that they are secure and compliant with regulations. They may also provide advice on how to improve IT security. The course covers a variety of topics that are relevant to IT Auditors, including change management and physical security considerations.
Security Consultant
Security Consultants provide advice and guidance to organizations on how to improve their IT security. They may also help organizations implement and manage security solutions. This course can be helpful for Security Consultants as it provides an overview of several aspects of information systems security, along with the strategies, techniques and processes by which organizational expectations for controls are set, evaluated and improved.
Cybersecurity Engineer
Cybersecurity Engineers design, implement, and maintain IT security systems. They may also work to identify and resolve security vulnerabilities. The course covers several topics relevant to this role, including change management, physical security considerations, and security assessment activities.
Security Operations Analyst
Security Operations Analysts monitor an organization's IT systems for security threats. They may also respond to security incidents and investigate security breaches. This course can be helpful for Security Operations Analysts as it provides an overview of several aspects of information systems security, along with the strategies, techniques and processes by which organizational expectations for controls are set, evaluated and improved.
IT Security Manager
IT Security Managers are responsible for overseeing an organization's IT security program. They may also develop and implement security policies and procedures. This course provides a comprehensive overview of the information systems security field and the strategies, techniques and processes by which organizational expectations for controls are set, evaluated and improved. It may also be useful for professionals seeking career advancement in this role.
Risk Manager
Risk Managers identify, assess, and mitigate risks to an organization. They may also develop and implement risk management plans. This course provides an overview of several aspects of information systems security and may be useful for those seeking a career in this field.
Incident Responder
Incident Responders investigate and resolve security incidents. They may also work to develop and implement incident response plans. This course provides an overview of several aspects of information systems security and may be useful for those seeking a career in this field.
Security Analyst
Security Analysts monitor an organization's IT systems for security threats. They may also investigate security incidents and provide advice on how to improve IT security. This course provides an overview of several aspects of information systems security and may be useful for those seeking a career in this field.
Penetration Tester
Penetration Testers identify and exploit vulnerabilities in an organization's IT systems. They may also provide advice on how to improve IT security. This course provides an overview of several aspects of information systems security and may be useful for those seeking a career in this field.
Compliance Analyst
Compliance Analysts ensure that an organization's IT systems are compliant with regulations. They may also develop and implement compliance programs. This course provides an overview of several aspects of information systems security and may be useful for those seeking a career in this field.
Forensic Analyst
Forensic Analysts investigate computer crimes and cyberattacks. They may also provide evidence for legal proceedings. This course provides an overview of several aspects of information systems security and may be useful for those seeking a career in this field.
Chief Information Security Officer (CISO)
The Chief Information Security Officer (CISO) is responsible for overseeing an organization's IT security program. They may also develop and implement security policies and procedures. This course provides a comprehensive overview of the information systems security field and the strategies, techniques and processes by which organizational expectations for controls are set, evaluated and improved. It may also be useful for professionals seeking career advancement in this role.
IT Project Manager
IT Project Managers plan and execute IT projects. They may also work to ensure that IT projects are completed on time, within budget, and to the required quality standards. This course provides an overview of several aspects of information systems security and may be useful for those seeking a career in this field.

Reading list

We've selected eight books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Maturing Risk Management.
Complements the course material in Module 1 by providing a comprehensive guide to security risk assessments. It covers various methodologies and techniques, making it a valuable reference for professionals seeking to enhance their understanding of risk assessment.
Aligns with Module 4 and provides valuable insights into network security assessment techniques. It covers network reconnaissance, vulnerability scanning, and penetration testing, making it a useful reference for IT professionals involved in security assessment and testing.
Complements Module 4 by providing a specialized focus on software security assessment. It covers various techniques and tools for identifying and preventing software vulnerabilities, making it a valuable resource for professionals involved in software security testing.
Aligns with Module 5 by providing a comprehensive guide to business continuity and disaster recovery planning for IT professionals. It covers various aspects of planning, including risk assessment, incident response, and recovery strategies.
Provides a comprehensive overview of physical security design, with a focus on architectural and engineering considerations.
Provides a comprehensive overview of disaster recovery planning for IT professionals, with a focus on practical implementation.
Provides a comprehensive overview of incident handling, with a focus on best practices.

Similar courses

Here are nine courses similar to Maturing Risk Management:
  • Introducing Security: Aligning Asset and Risk Management
  • Cybersecurity and Its Ten Domains
  • Operational Risk Management: Frameworks & Strategies
  • Identifying, Monitoring, and Analyzing Risk and Incident...
  • Risk Management: Use of Access Controls to Protect Assets
  • Security Operations: Business Resilience and Incident...
  • Complete Enterprise & Operational Risk Management Bootcamp
  • Security Operations: Operations Management for CISSP®
  • Information Technology and Security ISACA® CRISC™

© 2016 - 2024 OpenCourser