Information Security Risk Management and Business Continuity Planning
As we’ve learned, Information Security is ultimately about protecting the assets most crucial to your business through preserving the Confidentiality, Integrity and Availability of your information. In this 3-day course, IT professionals and security officers learn to assess and manage risk in their organization and plan for the unexpected. Risk management includes recognizing the assets key to your business success, documenting known threats and their likelihood, calculating the impact of a potential breach and implementing specific controls to avoid breaches or minimize the impact if any occur. Further, for those assets, you identify processes to recover from a breach, and explicitly recognize the remaining risk that you choose to accept. Business continuity and disaster recovery planning extends this by responding when the unexpected happens and preparing to continue conducting business as usual, and as quickly as possible with as little impact on day to day operations. When disaster strikes, how much will it affect your company? Your reputation? Your customers? In this course, you learn to identify and evaluate risk to your highest priority assets, and also how to design, implement and maintain effective, risk treatment controls. This course is also helpful for those working toward industry certifications like CRISC, ABCP, CFCP, CBCI, Security+ or others.
After completing this course, you will be able to:
- Describe generalized risk management lifecycle as starting point in organizational discussions and how processes fit together
- Identify models/frameworks related to Risk Management and Business Continuity Planning/Disaster Recovery Planning
- Paraphrase the process for business impact analysis interviews and calculating values
- Paraphrase the process for assessing and analyzing risk scenarios quantitatively and qualitatively
- Outline the contents expected in in a Risk Treatment Plan and BCP/DRP documents
- Participate in risk management implementation audit Describe the role of governance in managing risk and compliance
- Describe management support and identify team responsibilities
- Scope the current situation in terms of documents to gather and questions to ask. Describe the management requirements to implement risk and resiliency strategy
- Recognize the scope of potential risk response and BCP/DRP strategies appropriate to level of risk
- Categorize investment requirements Discuss requirements and proposals with security professional Begin to prepare for various security-related certification exams or a security lead position.
- For more info about this course please open datasheet
Cieľová skupinaNew System or Network Administrators who want to understand how to determine and manage risk, including an appropriate business continuity strategy IT Professionals who need an overview of risk management and BCP/DR concepts and techniques Individuals working towards (or considering) an information security or risk management-focused certification Professionals who want to know more about risk management because it’s important for their job as a security practitioner Professionals who want to know more about business continuity strategies because everybody needs to be ready for the unexpected!