Unit 9: Security Risk Management
In this unit, we will explore risk management, which is the process of identifying vulnerabilities in an organization's information systems and taking appropriate steps to ensure confidentiality, integrity, and availability of various components of the information systems. Risk assessment is an essential element of risk management, and we will identify the steps of the risk assessment process using case studies for four different types of enterprises.
Completing this unit should take you approximately 13 hours.
9.1: How Much Security Do You Really Need?
Read this page to learn about the basics of risk assessment.
9.2: Risk Management
Watch this video about security and the risk management process.
9.3: Information Security Risk Assessment Case Studies
Read the introduction to this report. After you read, describe the recommended process for risk assessment including the different roles involved. Then, read each of the case studies. As you read, try to map these two case studies to the risk assessment processes in the introduction.
9.4: Risk Assessment in Practice
Download and install this program. Use some simple cases to carry out a business risk profile assessment and defense in depth assessment.