Advanced Risk Management
Course Motivation
0.0 Shifting from technical execution to strategic risk management.
The Strategic Imperative of the Security Function
IBM - Motivation for Risk Analysis in CyberSecurity (11 min)
Google - Security Frameworks (30 min)
Introduction: The Evolution of Security Management
1. Introduction to ISO/IEC 27005 and information security risk management
Introduction: The Evolution of Risk Management Standardisation
International Standardisation: ISO 31000 versus ISO 27005
The ISO Risk Management and other frameworks
The Psychology of Risk Perception and Decision-Making
The ISO 31000 Architecture: Principles, Framework, and Process
Review of Risk Assessment Methodologies (IEC 31010)
Scope, Context, and Criteria
Leadership, Governance, and Corporate Commitment
Quiz01 - Risk Management [Day01]
2. Information Security Risk Identification, Assessment, and Treatment (ISO/IEC 27005)
Delayed 1 day
Identification and description of information security risks
Identification of risk owners
Assessment of potential consequences
Determination of risk levels
Comparison of risk analysis results with established risk management criteria
Risk prioritization
Determination of required controls for risk treatment
Risk treatment plan
Quiz02 - Risk Identification, Assessment and Treatment [day2]
3 - Risk Acceptance, Communication, Monitoring and Review
Delayed 2 days
Key Takeaways (Module 01 - Module 02)
Quiz03 - Recap - Session 1 & 2
Communication and Consultation of Results
Documentation of the Risk Analysis Process
Documentation of Results
Monitoring of Risk-Generating Factors
Deep Dive: Navigating Complexity with ISO/TS 31050 and the Risk Intelligence Cycle
Future-Looking Challenges for Risk Management and ISO/IEC 27005
4 - Risk Assessment Methodologies
Delayed 3 days
The Methodological Shift: Transcending Traditional Frameworks
Technique 1: STRIDE for Cloud and PaaS Architectures
Technique 2: Subjective Evaluation of Opaque AI Risks
FMEA, Red Teaming, and Risk Register Integration
Risk Monitoring Processes
Part A - Scenarios for Cloud and AI Environments (Practice Lab)
Part B: Procedure to Execute an FMEA Analysis
05 - ISO 27005 Risk Assessment Using FMEA
Delayed 4 days
Process Overview - Lab: AI and Cloud Services
Quiz - Simulation exam
Quiz - summary
International Standardisation: ISO 31000 versus ISO 27005