From the course: ISACA Certified in Risk and Information Systems Control (CRISC) Cert Prep

Risk ranking

- One of the most important things that we'll do once we identify all the risk, once we put some stories behind it, figure out who the threats are, figure out where our vulnerabilities might be, is ranking our risks. So how do we want to rank risk to ensure that we are appropriately treating it? This is combining everything that we know about the risk. What's the level associated with the threat? What are the characteristics, the severity of the vulnerabilities, the likelihood of success of taking advantage of those vulnerabilities? What's the impact of a successful event, et cetera, and how are we literally ranking those things against each other to make sure that we have a 1 to N list of all of our risks? It's possible that our risk ranking system might have different categories. So oftentimes you'll see people will say, well, we have critical risks and high risks and medium risks and low risks. Incredibly helpful…
