From the course: ISC2 Information Systems Security Engineering Professional (ISSEP) Cert Prep
Risk findings and decisions
- [Instructor] Welcome back to Cybrary's ISSEP course. I'm your instructor, Brad Rhodes. Let's talk about risk findings and decisions. In this video, we're going to look at a risk model. We're going to talk about risk assessments in general, and then we're going to review and talk about risk-based decisions at the different management tiers. So this is the risk model as shown to us from the National Institute of Standards and Technologies. And I really like this chart. I'm going to highlight some important stuff on it. One, this is based on different systems. So this could be a systems level approach. This could be a requirements level approach. We start with a threat source, and we're looking at intent. So if there's intent, that's obviously a threat, right? We're going to look at a threat event. That could be something that happens, right? And as you can see, a threat source has to initiate the threat event, right? And then they have to exploit something here. They have to exploit a…
Contents
- Objectives and review of risk management (4m 1s)
- Enterprise risk management (4m 55s)
- Risk context, analysis, and evaluation (7m 19s)
- Risk findings and decisions (5m 6s)
- Stakeholder risk tolerance (3m 49s)
- Risk remediation and system changes (4m 9s)
- Risk treatment options (4m 56s)
- Module summary (2m 57s)