Herbert J. Mattord, Ph.D., CISM, CISSP, CDP and Michael Whitman, Ph.D., CISM, CISSP

Organizations with little experience in risk management will want to look to national and international organizations for guidance in designing and implementing their risk management efforts. There are two dominant organizations that offer guidance in this area: the U.S. National Institute for Standards in Technology (NIST) and the International Standards Organization.

This course examines the risk management frameworks and standards offered by these organizations and then discusses other available approaches. The course concludes with a discussion of applications and tools to support the organization’s risk management effort.

What's inside

Syllabus

Welcome to Dominant Risk Management Standards and Frameworks (Course 3)
Organizations with little experience in risk management will want to look to national and international organizations for guidance in designing and implementing their risk management efforts. There are two dominant organizations that offer guidance in this area: the U.S. National Institute for Standards in Technology (NIST) and the International Standards Organization. This course examines the risk management frameworks and standards offered by these organizations and then discusses other available approaches. The course concludes with a discussion of applications and tools to support the organization’s risk management effort.

Traffic lights

Read about what's good, what should give you pause, and possible dealbreakers.
Ideal for beginners and those inexperienced in risk management
Provides solid foundations for individuals seeking to improve their knowledge in risk management
Taught by three highly experienced PhDs with specializations in cybersecurity management and data privacy
Both module instructors, Michael Whitman and Herbert J. Mattord, hold the Certified Information Systems Manager (CISM) and Certified Information Systems Security Professional (CISSP) certifications
Introduces several available approaches to risk management
Covers risk management standards and frameworks designed by two dominant organizations: the U.S. National Institute for Standards in Technology (NIST) and the International Standards Organization
Examines and discusses applications and tools to support the organization’s risk management efforts

Reviews summary

Foundational risk management standards overview

According to learners, this course provides a largely positive and foundational understanding of dominant risk management standards, particularly NIST and ISO frameworks. Many students found the content clear and concise, praising the instructor's ability to explain complex concepts and provide real-world application examples. It is widely regarded as highly practical for beginners and a must-have for professionals new to risk management. However, some learners noted that the final module on other approaches and tools felt rushed or less valuable, and those with prior experience may find the course too introductory and desire more advanced, hands-on examples.
Presents complex topics with clarity and good organization.
"The instructor explained complex concepts clearly, making it easy to grasp."
"The lectures were well-structured, and the examples reinforced the learning."
"It was very clear and concise, and the modular approach made it easy to follow."
Serves as an excellent foundational course for new learners.
"Highly recommend it for beginners."
"I'm new to risk management, and this course helped me get a clear understanding of the dominant standards."
"A very useful course for beginners in risk management. It demystified the NIST and ISO standards effectively."
"I learned a lot and feel much more confident discussing these frameworks in my job."
Offers a clear, detailed look at dominant risk management frameworks.
"This course provided an excellent overview of NIST and ISO frameworks. As a compliance analyst, I found the content highly relevant..."
"The NIST RMF section was very detailed and helpful."
"The breakdown of NIST and ISO was thorough. I particularly liked how the course clarified the differences and overlaps between them."
"This course is a goldmine for understanding the core risk management standards."
Could benefit from more engaging and interactive elements.
"The lectures were mostly slides, which could be more engaging."
"I would have appreciated more interactive elements or quizzes to test understanding after each module."
"I really wanted to see more hands-on examples or case studies."
May feel too basic for those with prior experience in risk.
"If you have some prior experience with risk frameworks, it might feel a bit too introductory."
"I was hoping for more advanced discussions or deeper dives into implementation challenges."
"I found some of the content a bit dry, and the explanations were sometimes too high-level for practical application."
The module on other approaches and tools needs more depth.
"I felt Module 3.4 on 'Other Approaches and Tools' could have been expanded upon; it felt a bit rushed..."
"The last module felt like an afterthought and didn't add much value for me."
"Some of the tools discussed were a bit generic."

Activities

Be better prepared before your course. Deepen your understanding during and after it. Supplement your coursework and achieve mastery of the topics covered in Dominant Risk Management Standards and Frameworks with these activities:
Review Risk Management Fundamentals
Reviewing risk management fundamentals will provide a strong foundation for understanding the NIST and ISO frameworks.
  • Read the course syllabus and introduction to get an overview of the course.
  • Review your notes or previous coursework on risk management concepts.
  • Complete any pre-course assignments or readings.
Follow a Tutorial on the NIST Risk Management Framework
Following a guided tutorial will provide a structured approach to understanding the NIST framework.
  • Identify an online tutorial or course on the NIST Risk Management Framework.
  • Follow the tutorial to understand the framework's components and how to apply them.
  • Complete any exercises or assignments in the tutorial.
Practice Identifying and Assessing Risks
Practicing risk identification and assessment will improve your ability to apply the NIST and ISO frameworks.
  • Gather a list of potential risks related to a project or organization.
  • Use the NIST or ISO frameworks to analyze and assess the risks.
  • Develop risk response plans for the identified risks.
Create a Risk Management Plan for a Case Study
Creating a risk management plan will allow you to apply the frameworks and demonstrate your understanding of risk management principles.
  • Select a case study or scenario that requires a risk management plan.
  • Apply the NIST or ISO frameworks to identify and assess the risks.
  • Develop risk response plans and implement them.
Attend a Workshop on Risk Management
Attending a risk management workshop will provide an opportunity to interact with experts and enhance your knowledge.
  • Identify and register for a workshop on risk management.
  • Attend the workshop and actively participate in the sessions.
  • Apply the knowledge and skills acquired in the workshop to your own work.
Mentor a Junior Risk Management Professional
Mentoring others will reinforce your knowledge and help you develop leadership skills.
  • Identify a junior risk management professional who would benefit from your guidance.
  • Set up regular meetings to provide support and guidance.
  • Share your knowledge and experience, and provide constructive feedback.

Career center

Learners who complete Dominant Risk Management Standards and Frameworks will develop knowledge and skills that may be useful to these careers:
IT Risk Manager
IT Risk Managers are responsible for identifying, assessing, and mitigating IT risks that could impact their organization's operations. In this role, you'll need to be familiar with a variety of risk management frameworks and standards, including NIST and ISO. This course will provide you with a comprehensive understanding of these frameworks and standards, and you'll be able to apply your knowledge to help your organization achieve its objectives.
Risk Manager
Risk Managers are responsible for identifying, assessing, and mitigating risks that could impact their organization's objectives. In this role, you'll need to be familiar with a variety of risk management frameworks and standards, including NIST and ISO. This course will provide you with a comprehensive understanding of these frameworks and standards, and you'll be able to apply your knowledge to help your organization achieve its objectives.
Information Security Analyst
Information Security Analysts are responsible for protecting their organization's information assets from threats such as cyber attacks and data breaches. In this role, you'll need to be familiar with a variety of risk management frameworks and standards, including NIST and ISO. This course will provide you with a solid foundation in these frameworks and standards, and you'll be able to apply your knowledge to help protect your organization's information assets.
Information Security Manager
Information Security Managers are responsible for developing and implementing an organization's information security program. In this role, you'll need to be familiar with a variety of risk management frameworks and standards, including NIST and ISO. This course will provide you with a comprehensive understanding of these frameworks and standards, and you'll be able to apply your knowledge to help your organization protect its information assets.
Security Engineer
Security Engineers are responsible for designing and implementing security measures to protect their organization's information assets. In this role, you'll need to be familiar with a variety of risk management frameworks and standards, including NIST and ISO. This course will provide you with a solid foundation in these frameworks and standards, and you'll be able to apply your knowledge to help your organization protect its information assets.
Compliance Officer
Compliance Officers are responsible for ensuring that their organizations comply with all applicable laws and regulations. In this role, you'll need to be familiar with a variety of risk management frameworks and standards, including NIST and ISO. This course will provide you with a comprehensive understanding of these frameworks and standards, and you'll be able to apply your knowledge to help your organization achieve compliance.
Internal Auditor
Internal Auditors are responsible for evaluating the effectiveness of an organization's internal controls. In this role, you'll need to be familiar with a variety of risk management frameworks and standards, including NIST and ISO. This course will provide you with a solid foundation in these frameworks and standards, and you'll be able to apply your knowledge to help your organization improve its internal controls.
IT Auditor
As an IT Auditor, you'll be responsible for assessing the effectiveness of an organization's internal controls and ensuring compliance with regulations. This course will provide you with a solid foundation in risk management frameworks and standards, which will be essential for your success in this role. You'll be able to apply your knowledge of NIST and ISO standards to identify and mitigate risks, and you'll be able to use audit and assessment tools to evaluate the effectiveness of your organization's internal controls.
Compliance Analyst
Compliance Analysts are responsible for ensuring that their organizations comply with all applicable laws and regulations. In this role, you'll need to be familiar with a variety of risk management frameworks and standards, including NIST and ISO. This course will provide you with a solid foundation in these frameworks and standards, and you'll be able to apply your knowledge to help your organization achieve compliance.
Privacy Analyst
Privacy Analysts are responsible for ensuring that their organizations comply with all applicable privacy laws and regulations. In this role, you'll need to be familiar with a variety of risk management frameworks and standards, including NIST and ISO. This course will provide you with a solid foundation in these frameworks and standards, and you'll be able to apply your knowledge to help your organization achieve compliance.
IT Consultant
IT Consultants provide advice and guidance to organizations on how to improve their IT systems. In this role, you'll need to be familiar with a variety of risk management frameworks and standards, including NIST and ISO. This course will provide you with a solid foundation in these frameworks and standards, and you'll be able to apply your knowledge to help your clients improve their IT systems.
Risk Analyst
This course will introduce you to the world of risk management, with a focus on security. Students will study different frameworks and standards, such as NIST and ISO, to help them identify and manage risks. In this role, you'll play a vital role in safeguarding your company's information and assets. You'll be able to develop a deep understanding of risk management frameworks, NIST and ISO standards, and audit and assessment tools through this course.
Project Manager
Project Managers are responsible for planning, executing, and closing projects. In this role, you'll need to be able to identify and manage risks that could impact your project's success. This course will provide you with a solid foundation in risk management frameworks and standards, and you'll be able to apply your knowledge to help your projects succeed.
Business Analyst
As a Business Analyst, you'll be responsible for analyzing business processes and identifying opportunities for improvement. In this role, you'll need to be familiar with risk management frameworks and standards to help you identify and mitigate risks that could impact your organization's business processes.
Data Analyst
Data Analysts use data to identify trends and patterns that can help businesses make better decisions. In this role, you'll need to be familiar with risk management frameworks and standards to help you identify and mitigate risks that could impact your organization's data.

Reading list

We've selected 12 books that we think will supplement your learning. Use these to develop background knowledge, enrich your coursework, and gain a deeper understanding of the topics covered in Dominant Risk Management Standards and Frameworks.
This NIST publication provides detailed guidance on risk management for information systems and organizations. It is a key reference for the course's exploration of the NIST Risk Management Framework.
Provides a comprehensive guide to risk management, based on the British Standard for risk management. It is a useful reference for learners interested in implementing a risk management system that meets international standards.
Provides a comprehensive overview of the FAIR model, a leading framework for assessing and quantifying cybersecurity risk. It is a useful reference for learners interested in understanding this approach to risk management.
Provides an engaging and thought-provoking perspective on risk management, arguing that it is an art form that requires creativity and intuition. It is a useful reference for learners interested in developing their own approach to risk management.
Provides a practical guide to risk management for practitioners in a variety of fields. It is a useful reference for learners interested in applying risk management principles to their own work.
Provides a comprehensive overview of risk management and uncertainty in business. It is a useful reference for learners interested in understanding the broader context of risk management in decision-making.
Provides a clear and concise overview of risk management, making it a useful resource for learners with little or no prior knowledge of the subject.
Provides a practical guide to risk management, covering the key principles, processes, and techniques. It is a valuable resource for risk managers and other professionals responsible for managing risk in their organizations.
Provides a step-by-step guide to the risk management process, from identifying risks to developing and implementing risk mitigation strategies. It is a useful resource for organizations looking to improve their risk management practices.
Provides a comprehensive framework for enterprise risk management, covering the key principles, processes, and techniques. It is a valuable resource for risk managers and other professionals responsible for managing risk across the enterprise.
Provides a comprehensive overview of risk management, covering the key principles, processes, and techniques. It is a valuable resource for risk managers and other professionals responsible for managing risk in their organizations.

© 2016 - 2025 OpenCourser