From the course: ISC2 Certified in Governance, Risk and Compliance (CGRC) Cert Prep
NIST risk management framework
Welcome back. Let's review the NIST Risk Management Framework, and this is a very important part of this exam. In fact, about 90% of what you need to pass the exam is in this next section. So starting from the big picture, there are seven steps: the preparation, categorize, select, implement, assess, authorize, and monitor. What you want to do is memorize the names and each of the steps, know the purpose of each step, then learn the primary roles and responsibilities, which we're going to cover in the next slide. Additionally, once you memorize the steps, you need to know the tasks that happened at each step and the purpose of each task. You do not want to memorize, although we'll mention the inputs and outputs at each of the steps, you don't have to memorize them. Let's do a summary of the roles and responsibilities. First, we have the information system owner, the ISO. They own the information system security. Then we have the authorizing official, and they are senior management and…
Contents
- Security and privacy governance, risk management, and compliance program introduction (4m 57s)
- Principles of information security (3m 41s)
- Risk (5m 9s)
- Risk response (2m 29s)
- Security authorization process (4m 24s)
- NIST risk management framework (4m 45s)
- CGRC government documentation (12m 53s)