Security Risks: Key Risk Terms & Concepts
IT Security
| Beginner
- 16 videos | 1h 52m 21s
- Includes Assessment
- Earns a Badge
Familiarity with key terms and concepts associated with security risk enables security leaders to identify, evaluate, and prioritize security risks. In this course, you'll get familiar with the terminologies, activities, and concepts associated with a security risk management process. You'll start by discovering the interdependence between assets, vulnerabilities, threats, and risks. You'll then investigate how to assess risk probability, measure the impact created by it, and the difference between risk appetite and risk tolerance. Next, you'll examine the components, benefits, and stages of a risk management process. You'll also identify different methods of treating risk and the importance of implementing controls as a part of a risk-based approach. Lastly, you'll recognize the standards for risk management and the advantages of managing and assessing security risk.
WHAT YOU WILL LEARN
-
Discover the key concepts covered in this course
Outline how risks are related to assets
Identify the similarities and differences between likelihood and probability assessment
Recognize the role of vulnerabilities in risks and the correlation between risk and threat
Outline risk probability, the impact generated by it, and how to measure it using a risk score
Describe risk severity and identify various risk security levels
Identify potential risks that may exist within an organization and differentiate between risk appetite and risk tolerance
Define the concept and advantages of a risk management process -
Recognize the importance of a risk management plan and identify its components
Describe the role of a risk register in managing risk and outline the elements of risks listed within it
Describe the features of different risk treatment methods
Recognize the importance of managing risk and implementing a risk-based approach
Outline the elements of the cobit 5 framework and describe the iso 31000 standard for risk management
List the three key stages of a risk management process: risk identification, risk assessment, and risk management
Illustrate the importance of security risk assessment in preempting and preparing for risks, prioritizing risks, and identifying assets to be protected
Summarize the key concepts covered in this course
IN THIS COURSE
-
1m 28sIn this video, you’ll learn more about the instructor and the course. In this course, you will learn about the various key terms that are associated with risk and risk management process. These terms will help you understand the concepts that will be discussed later in the courses in this learning track. FREE ACCESS
-
9m 14sIn this video, you’ll review the different concepts relating to risk. You’ll talk about risk in your general life as well as risk in relation to assets. You’ll learn any key asset of an organization is prone to risks. You’ll discover any asset with a risk is known as a risk asset. You’ll also explore risk detection, and learn how to detect a threat rather than prevent it. FREE ACCESS
-
3. Likelihood versus Probability7m 15sIn this video, you’ll learn more about the two key terms associated with risk, likelihood and probability. You’ll learn that likelihood gives you the impact in a qualitative manner, whereas probability gives you the impact in a quantitative manner. Probability is objective. You’ll look at specific examples of each. FREE ACCESS
-
4. Vulnerabilities, Threats and Risks12m 49sIn this video, you’ll learn more about the correlation between risk and threat. You’ll review the fact that a risk occurs when a threat exploits the vulnerabilities. You’ll also review threats, which are incidents that harm an asset, such as an application or system. Finally, you’ll review the term vulnerability, which is a weakness that can be exploited by a threat. You’ll learn a risk is directly proportionate to the number of the vulnerabilities. FREE ACCESS
-
5. Risk Probability, Impact and Risk Score4m 27sIn this video, you’ll learn more about risk probability. You’ll learn that risk probability is the likelihood of a risk occurring, which will generate an impact if the risk occurs. You’ll learn to use the risk score, which is probability multiplied by the impact. You’ll discover risk probability is measured in a quantitative manner. FREE ACCESS
-
6. Elements of Risk Severity7m 14sIn this video, you’ll learn more about risk severity. You’ll learn risk severity simply refers to how critical a risk is. You’ll discover this is also known as the level of risk, and it determines the technical impact of a risk. A risk may have a low impact or risk may have a high impact. Depending on the level of impact, you have to decide the risk severity. You’ll learn that risk severity defines impact. FREE ACCESS
-
7. Risk Appetite versus Risk Tolerance3m 18sIn this video, you’ll learn more about risk appetite and risk tolerance. You’ll learn that every organization has the ability or the capability to handle risks. You’ll discover organizations can tolerate some risks, mitigate some risks, and avoid some risks. In this video, you’ll look at a risk pyramid. The bottom layer encompasses the risks in an organization, then comes a layer of risk capacity, the risk tolerance, and then risk appetite. FREE ACCESS
-
8. Advantages of a Risk Management Process3m 57sIn this video, you’ll learn more about the risk process for risk management. You’ll learn it’s critical for organizations to have a risk process in place. If they don’t have one, they won’t be able to handle risks within the organization. Without a risk process, organizations may not even know what kind of risks exist within their organization. You’ll learn a risk process can help stakeholders within organizations make timely decisions when handling risks. FREE ACCESS
-
9. Components of a Risk Management Plan8m 59sIn this video, you’ll learn more about the risk management plan. You’ll learn it provides a structured approach for identifying, analyzing, and monitoring risks. A risk management plan provides the processes and the methods to help control risks. You’ll learn a risk management plan helps reduce the cost of future risks. You’ll discover a risk management plan is a necessary document for every organization, and is the starting point for the risk management process. FREE ACCESS
-
10. Risk Management Using a Risk Register12m 3sIn this video, you’ll learn more about documenting risks. You’ll learn that a list of documented risks is called a risk register. The risk register is a centralized repository of risks used to assign severity levels to identified risks. You’ll learn that these identified risks are those that can impact the assets within an organization. You’ll discover risk registers can also be created for specific projects within an organization. FREE ACCESS
-
11. Risk Treatment Methods7m 4sIn this video, you’ll learn more about identified risks. You’ll discover that once a risk is identified, it must be treated. A risk can be treated in different ways. You’ll learn a risk can be handled by simply transferring it, or you could mitigate the risk, or you could accept the risk. This video will look at different methods for treating risks. FREE ACCESS
-
12. Importance of Risk Management9m 38sIn this video, you’ll learn more about the risk management process. You’ll learn why risk management is an important business practice that helps businesses identify, evaluate, track, and mitigate the risks that might be present in an existing environment. You’ll discover that risk management is practiced by organizations of all sizes. Smaller organizations tend to manage risk informally, while larger organizations do it in a formal way. FREE ACCESS
-
13. Frameworks and Standards for Risk Management9m 55sIn this video, you’ll learn about frameworks that help manage risks. You’ll learn these frameworks help establish a risk management process within an organization. These frameworks include COBIT 5, which provides a risk management process known as APO12 Manage Risk. In this framework, you’ll collect and analyze data to come up with risks. After you’ve identified the risks, you’ll analyze them. Then, you’ll learn about the ISO 31000 framework which is dedicated to risk management. FREE ACCESS
-
14. Stages in the Security Risk Management Process6m 26sIn this video, you’ll learn about the different steps in a risk management process. You’ll learn there is no right or wrong number of steps, it just depends on how your risk management process is defined. You’ll discover this could be a very brief process, with just only three steps: risk identification, risk assessment, and risk management. Here, you will walk through, and learn more about, each of these three steps. FREE ACCESS
-
15. Security Risk Assessment6m 49sIn this video, you’ll learn about security risk assessment. You’ll discover this is a method of identifying risks within an organization. Before you identify the risks, you’ll first have to identify the assets that must be protected. You’ll learn that security risk assessment is typically required by the compliance standards or frameworks such as PCI-DSS, HIPAA, or FISMA. You’ll discover there are different compliance and standards that require you to complete a security risk assessment. FREE ACCESS
-
16. Course Summary1m 45sIn this video, you’ll summarize what you’ve learned in the course. You learned the key terms and concepts of risks. You learned about likelihood versus probability, security threat as a risk, risk probability and impact, and risk severity. You also discovered risk appetite versus risk tolerance, concept of risk process, concept of risk management plan, concept of risk register, risk treatment methods, and more. FREE ACCESS
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.
