Risk Management Framework - Coursera

Video created by 加州大学尔湾分校for the course "Introduction to Risk Management". Welcome to Module 2! Now that we have practiced identifying risk, ... ListRiskManagementFrameworkLoading...IntroductiontoRiskManagement加州大学尔湾分校FilledStarFilledStarFilledStarFilledStarHalf-FilledStar4.7（65個評分） | 3.6K名學生已註冊課程2（共3門，IntroductiontoCybersecurity&RiskManagement專項課程）免費註冊此課程視頻腳本Inthiscourse,youwilllearnaboutriskassessmenttechniquesandhowtoimplementanumberofstrategiesthatwillensuretheprotectionofassets.Youwilllearnabouttherelationshipbetweenassets,vulnerabilities,threats,andrisks.Youwillalsoengagewithanumberofcurrentcasestudiesintheindustrythatillustratethematerial.Youwillleavethecoursewithskillsrelatingtothreatmodelingandbusinesscontinuityplanningthathavedirectapplicationsatyourcurrentjoborinyourfuturecareer.查看授課大綱審閱FilledStarFilledStarFilledStarFilledStarHalf-FilledStar4.7（65個評分）5stars80%4stars12.30%3stars4.61%2stars1.53%1star1.53%TC2021年5月27日FilledStarFilledStarFilledStarFilledStarFilledStaritisverygoodintroductiontoRiskwithsomecasestudytodo.對您有幫助嗎？FO2021年6月14日FilledStarFilledStarFilledStarFilledStarFilledStarVERYINFORMATIVEANDRELEVANTTOCURRENTECONOMICENVIRONMENT對您有幫助嗎？從本節課中RiskManagementWelcometoModule2!Nowthatwehavepracticedidentifyingrisk,wewilldiscussthemeanstomanageit.Inthismoduleyouwillbeintroducedtothethreecategoriesofcontrols,aswellasthesixstepsoftheRiskManagementFramework(RMF).IntroductiontoRiskManagement2:46RiskManagementControls4:48RiskManagementFramework4:46教學方QasimIjazOffensiveSecurityLead以免費的價格試聽課程WelcometoRiskManagementFrameworkmodule.RiskManagementFrameworkhelpsstreamlinetherisklifecyclesothatyoucanfocusonactualtasksathand.FrameworkssuchasNationalInstituteofStandardsandTechnologiesSP800-37offersystematicapproachtotheidentification,resolution,andmonitoringofyourorganization'srisk.Itoffersguidelinesonhowtoapplyariskmanagementframeworkaswellasthesystematicapproachtocategorizationoftherisk,implementationofthecontrols,andmonitoringofyourriskmanagementprogram.Themainconceptofferedbyitisnearrealtimeriskmanagement.Itencouragesyourteamstodeployariskmanagementlifecyclethatisfednewrisksataregularbasis.Theoutcomeofitistheleadershipreadyinformation.Canbeusedforriskbaseddecisionmaking,anditcanbefedintoyourbusinesscontinuityanddisasterrecoveryoperations.Sobytheendofthisyouwillhaveinformationthatyoucanusetoprioritizehowyourorganisationcomesbackonlineafterdisasterstrikes.Riskmanagementframeworkbreaksitdownintosixdifferentstages.First,theriskteammustcategorizeinformationsystemsanddatabasedonyourbusinessimpactanalysis.Thiscouldbedatathatisstoredprocessedortransmittedsystemsthatarecriticaltoyou.Theninitialsetofbaselinesecuritycontrolsarechosen.Thesecontrolsaretailoredtoyourlocalconditions.Forexample,16characterlongpasswordsmaybesuitableforworkstations,butusingthemwillhaveahighercostandlowerbenefitforanindustrialcontrolsystem.Ifweweretolockalltheaccountsuponthreeunsuccessfulloginattemptswillthisresultinhighhelpdeskcallvolume?Couldthatactuallybecomeadenialofserviceattack?Selectionofcontrolsisnotusefuluntiltheyareimplemented.Theorganisationshouldnotonlyimplementthesecuritycontrols,butalsodocumentthegoalsofthiscontrols,howthey'regoingtobeimplementedandwherethesecontrolsaretobeimplemented.Considerthewholeriskmanagementorsecurityorganizationleaves,andwehavenewfolkscomein.Theyshouldbeabletoreadtheirdocumentationtorealize,whatsecuritycontrolsareimplemented,wheretheyare,howthey'rebeingimplemented?Theassessmentofyourcontrolswillhelpyou,betterunderstandhowtheyarebeingusedandifanybody'sdeviating.Thecontrolsshouldbeassessedregularlytoensurethatthey'reimplementedasintended,andmeetingsecurityrequirements.Thesecontrolsoftendeviateovertime.Forexample,youmaybeaskingyouruserstousestrongpasswords.Youmaybeaskingthemtouseaneightcharacterpassword.Whichhasspecialcharacters.Ithasnumbersuppercaselowercase.Alotofyourusersmayendupusinguppercasep@ssw0rd.Nowthatmayactuallymeetyoursecurityrequirements,butisitreallyagoodcontrol?Andthesearesomeofthedeviationsthatcomeintoplayhere.Theauthorizationofyourcontrolsshouldalsotakeintoaccount,theintendedpurposeofthiscontrols,howthecontrolsactuallytargetstheriskanddoesn'treallyposeanewrisk.Cantheorganisationimplementthiscontrolfromboththeorganisationalandfinancialperspective.Implementedandauthorizedcontrolsshouldberegularlymonitoredtoidentifyanydeviationsinanypossiblenegativeimpacts.ThesecuritystateofthesystemandiscontrolsshouldberegularlyreportedtohelptheSeniorManagementgetabetterunderstandingoftheorganization'sriskposture.Youmaydecideaftersomeofthemonitoringthatyoudonotfindthiscontroltoreallybefinanciallyreasonable.Oryoumaydecideyouhavemoremoneyleftoverandyouactuallycanimplementmorecontrolsorstrictercontrols.Youmayalsofinddeviationsaswediscussedearlier.Soit'simportanttogothroughallthesesixstagesanditoftenisacyclicprocess.Well,aftersomemonitoringhasbeendone,youdecidetocategorizeyourrisksdifferentlybasedonanewriskposture.Maybeyouwenttocloudandnolongerhavedatacenters,soyoudonotneedtoworryaboutthephysicalcontrolsatthedatacenter.[MUSIC]探索我們的目錄免費加入並獲得個性化推薦、更新和優惠。

開始 CourseraFooter開拓職業生涯或促進職業發展Google數據分析師Google項目管理GoogleUX設計GoogleIT支持IBM數據科學IBM數據分析師使用Excel和R的IBM數據分析IBMCybersecurityAnalystIBM數據工程IBM全棧雲開發人員Facebook社交媒體營銷Facebook市場營銷分析Salesforce銷售發展代表Salesforce銷售運營直覺簿記備考GoogleCloud認證：雲架構師備考GoogleCloud認證：雲數據工程師開啟您的職業生涯準備證書開拓職業生涯瀏覽熱門主題免費課程學習語言pythonJava網頁設計SQLCursosGratisMicrosoftExcel項目管理網絡安全人力資源數據科學免費課程說英語內容寫作全棧網絡開發人工智能C語言程序設計溝通技能區塊鏈查看全部課程熱門課程和文章適用於數據科學團隊的技能數據驅動的決策軟件工程技能工程團隊所需的軟技能管理技能營銷技能銷售團隊所需的技能產品經理技能財務技能英國的熱門數據科學課程BeliebteTechnologiekurseinDeutschland熱門網絡安全證書熱門IT證書熱門SQL證書營銷經理職業指南項目經理職業指南Python程序設計技能Web開發者職業指南數據分析師技能用戶體驗設計師方面的技能在線獲得學位或證書MasterTrack®證書專業證書大學證書MBA和商學學位DataScienceDegreesComputerScienceDegrees數據分析師學位公共衛生學位社會科學學位管理學位歐洲頂級大學學位碩士學位學士學位具有成績錄取途徑的學位學士學位課程什麼是學士學位？取得碩士學位需要多長時間？在線獲取MBA有什麼價值？報名研究生院的7種付費方式查看所有證書Coursera關於我們提供的內容管理團隊工作機會目錄CourseraPlus專業證書MasterTrack®證書學位企業版政府版面向校園成為合作夥伴新冠疫情響應社區學生合作夥伴開發者Beta測試人員專業譯員博客技術博客教學中心更多媒體投資者條款隱私幫助內容訪問聯繫我們文章目錄附屬公司隨時隨地學習©2022CourseraInc.保留所有權利。