Learn your way! Get started

Certified Information Security Manager CISM, Part 2 of 4: Risk Management

with Kenneth Mayer


Watch trailer


Course at a glance

Included in these subscriptions:

  • Dev & IT Pro Video
  • Dev & IT Pro Power Pack

Release date 3/12/2018
Level Intermediate
Runtime 2h 16m
Closed captioning N/A
Transcript N/A
eBooks / courseware N/A
Hands-on labs N/A
Sample code N/A
Exams Included


Enterprise Solutions

Need reporting, custom learning tracks, or SCORM? Learn More



Course description

This course covers processes that deal with risk management and establishing a process for information asset classification, systematic risk assessment, business impact assessments, threat and vulnerability evaluations, identify and evaluate information security controls, lifecycle process and finally reporting changes in information. This course is part of a series covering the ISACA Certified Information Security Manager (CISM).

Prerequisites

This is part 2 of the series

Learning Paths

This course will help you prepare for the following certification and exam:
Certified Information Security Manager

Meet the

Kenneth Mayer As a certified Microsoft Instructor, Ken has focused his career on various security aspects of computer and network technology since the early 1980s. He has offered a wide variety of IT training and high level consulting projects for Fortune 500 companies globally. Through the course of his extensive career, he has taught a full line of Microsoft, CompTIA, Cisco, and other high level IT Security curricula.


Course outline



Risk Overview and concepts

Risk Management Overview (14:52)
  • Introduction (01:58)
  • Risk Management Overview (07:07)
  • Importance of Risk Management (02:15)
  • Risk Management Outcomes (03:22)
  • Summary (00:08)
Information Security Risk Management (15:36)
  • Introduction (04:16)
  • Information Security Risk Management (03:07)
  • Scope and Charter (05:13)
  • Roles and Responsibilities (02:51)
  • Summary (00:08)
Information Security Management Concepts (07:10)
  • Introduction (00:23)
  • Information Security Management Concepts (03:33)
  • Network Equipment (03:06)
  • Summary (00:08)
Risk Management Framework (16:55)
  • Introduction (02:10)
  • Risk Management Framework (02:00)
  • The External Environment (03:54)
  • Risk Management Context (03:09)
  • Gap Analysis (04:09)
  • Risk Analysis (01:22)
  • Summary (00:08)

Assessment, Controls and Objectives

Risk Assessment (39:17)
  • Introduction (01:20)
  • Risk Assessment (06:44)
  • Other Risk Assessment Approaches (03:07)
  • Identification of Risks (07:28)
  • Risk (03:27)
  • Risk Analysis (08:35)
  • Evaluation of Risks (08:25)
  • Summary (00:08)
Controls and Countermeasures (22:40)
  • Introduction (00:26)
  • Controls and Countermeasures (08:21)
  • Information Resource Valuation (06:42)
  • Determining Classification (05:58)
  • Impact Continued (01:03)
  • Summary (00:08)
Recovery Point Objectives (20:14)
  • Introduction (00:51)
  • Recovery Point Objectives (06:17)
  • Third-Party Service Providers (07:57)
  • Project Management (02:57)
  • Risk Monitoring and Communication (02:03)
  • Summary (00:08)