The Security Risk Assessment Handbook

Time to level up. This security risk assessment course turns beginners into experts, one interactive lesson at a time.

(SEC-RISK.AV1) / ISBN : 978-1-64459-736-1
Lessons
AI Tutor (Add-on)

About This Course

Enroll in our security risk assessment course to master the art of identifying threats, analyzing vulnerabilities, and implementing rock-solid safeguards.

In this course, dive into every phase of a professional security risk assessment, from project scoping and data gathering to risk analysis and mitigation. Learn the RIIOT method for bulletproof evaluations, dissect 200+ security controls, and access interactive exercises that turn theory into action.

From small businesses to high-stakes agencies like the CIA and NATO, this training gives you the tools, frameworks, and insider techniques to assess risks like a professional. 

Skills You Will Acquire

  • RIIOT Method: Learn to systematically gather, analyze, and report security risk data with a proven framework.
  • Threat & Vulnerability Analysis: Identify critical threats, assess vulnerabilities, and prioritize risks.
  • Risk Mitigation Strategies: Select and implement the right safeguards to reduce risk based on organizational needs.
  • Security Control Evaluation: Assess 200+ administrative, technical, and physical controls.
  • Professional Risk Reporting: Deliver clear, actionable security reports that drive decision-making for stakeholders.
  • Real-World Risk Assessment Execution: Manage full-scale assessments from scoping to final recommendations, just as top agencies (CIA, NATO) do.

1

Introduction

  • The Role of the Chief Information Security Officer
  • Ensuring a Quality Information Security Risk Assessment
  • Security Risk Assessment
  • Related Activities
  • The Need for This Course
  • Who Is This Course For?
  • Exercises
  • Bibliography
2

Information Security Risk Assessment Basics

  • Phase 1: Project Definition
  • Phase 2: Project Preparation
  • Phase 3: Data Gathering
  • Phase 4: Risk Analysis
  • Phase 5: Risk Mitigation
  • Phase 6: Risk Reporting and Resolution
  • Exercises
  • Bibliography
3

Project Definition

  • Ensuring Project Success
  • Project Description
  • Exercises
  • Bibliography
4

Security Risk Assessment Preparation

  • Introduce the Team
  • Review Business Mission
  • Identify Critical Systems
  • Identify Asset Classes
  • Identifying Threats
  • Determine Expected Controls
  • Exercises
  • Bibliography
5

Data Gathering

  • SIDEBAR 5.1 Data Gathering: Tools versus Experience
  • Security Control Representation
  • Evidence Depth
  • The RIIOT Method of Data Gathering
  • Exercises
  • Bibliography
6

Administrative Data Gathering

  • Administrative Threats and Safeguards
  • The RIIOT Method: Administrative Data Gathering
  • Exercises
  • Bibliography
7

Technical Data Gathering

  • Technical Threats and Safeguards
  • The RIIOT Method: Technical Data Gathering
  • Exercises
  • Bibliography
8

Physical Data Gathering

  • SIDEBAR 8.1 Physical Security Assessments
  • Physical Threats and Safeguards
  • The RIIOT Method: Physical Data Gathering
  • Exercises
  • Bibliography
9

Security Risk Analysis

  • Obtaining Measurement Data for Security Risk Analysis
  • Qualitative Security Risk Analysis Techniques
  • Quantitative Security Risk Analysis Techniques
  • Summarizing Security Risk Analysis
  • Exercises
  • Bibliography
10

Security Risk Analysis Worked Examples

  • RIIOT FRAME
  • Exercises
11

Security Risk Mitigation

  • Defining Security Risk Appetite
  • Selecting Safeguards
  • Safeguard Solution Sets
  • Establishing Security Risk Parameters
  • Exercises
12

Security Risk Assessment Reporting

  • Cautions in Reporting
  • Pointers in Reporting
  • Report Structure
  • Document Review Methodology: Create the Report Using a Top-Down Approach
  • Assessment Brief
  • Action Plan
  • Exercises
  • Bibliography
13

Security Risk Assessment Project Management

  • Project Planning
  • Project Tracking
  • Taking Corrective Measures
  • Project Status Reporting
  • Project Conclusion and Wrap-Up
  • Exercises
  • Bibliography
14

Security Risk Assessment Approaches

  • Security Risk Assessment Methods
  • Security Risk Assessment Frameworks
  • Exercises
  • Bibliography

Have Questions? Check Out the FAQs


The 5 key steps are:

  • Project Definition: Scope the assessment and set objectives.
  • Data Gathering: Collect security control details (administrative, technical, physical).
  • Risk Analysis: Evaluate threats, vulnerabilities, and potential impact.
  • Risk Mitigation: Recommend safeguards to reduce risk.
  • Reporting & Resolution: Deliver findings and action plans to stakeholders.

This security risk assessment training teaches the RIIOT method to execute these steps effectively.

The three core types are:

  • Physical Risks: Unauthorized access, theft, or damage to hardware/facilities.
  • Technical Risks: Cyber threats (hacking, malware, data breaches).
  • Administrative Risks: Weak policies, human error, or compliance gaps.

The course covers 200+ controls across all three categories.

This cybersecurity risk management course is the fastest way to master it:

  • Step-by-step training: From basics to advanced techniques (like RIIOT FRAME).
  • Hands-on exercises: Practice with gamified tests packed with performance-based questions.
  • Proven methods: Used by CIA, NSA, and NATO.

Risk Assessment Made Simple

  This Security Risk Assessment Course gives you the exact methods to identify vulnerabilities, analyze risks, and implement bulletproof safeguards.

$199.99
