Description
1 – INTRODUCTION TO IT RISK MANAGEMENT
- Governance and Risk management
- The Context of IT Risk Management
- Key Concepts of Risk
- Risk in Relation to Other Business Functions
- IT Risk Management Good Practices
2 – IT RISK ASSESSMENT
- Risk Capacity, Risk Appetite and Risk Tolerance
- Risk Culture and Communication
- Elements of Risk
- Information Security Risk Concepts and Principles
- The IT Risk Strategy of the Business
- IT Concepts and Areas of Concern for the Risk Practitioner
- Methods of Risk Identification
- IT Risk Scenarios
- Ownership and Accountability
- The IT Risk Register
- Risk Awareness
3 – IT RISK ASSESSMENT
- Risk Assessment Techniques
- Analyzing Risk Scenarios
- Current State of Controls
- Changes in the Risk Environment
- Project and Program Management
- Risk and Control Analysis
- Risk Analysis Methodologies
- Risk Ranking
- Documenting Risk Assessments
4 – RISK RESPONSE AND MITIGATION
- Aligning Risk Response with Business Objectives
- Risk Response Options
- Analysis Techniques
- Vulnerabilities Associated with New Controls
- Developing a Risk Action Plan
- Business Process Review Tools and Techniques
- Control Design and Implementation
- Control Monitoring and Effectiveness
- Types of Risk
- Control Activities, Objectives, Practices and Metrics
- Systems Control Design and Implementation
- Impact of Emerging Technologies on Design and Implementation of Controls
- Control Ownership
- Risk management Procedures and Documentation
5 – RISK AND CONTROL MONITORING AND REPORTING
- Key Risk Indicators
- Key Performance Indicators
- Data Collection and Extraction Tools and Techniques
- Monitoring Controls
- Control Assessment Types
- Results of Control Assessments
- Changes to the IT Risk Profile