×
Phoenix TS

Information Security Risk Assessment through Data Collection and Analysis Training

This training course is directed toward professionals with job roles related to information security.

Course Overview

This four day instructor-led course teaches the security practitioner to find out:

  • What needs protection
  • What risks those assets are exposed to
  • What controls are in place to offset those risks
  • Where to focus attention for risk treatment

Expert lecture and exercises enforce the true value and purpose of information security risk assessments. Student gain proficiency in conducting effective risk assessments that provide defendable analysis of residual risk association to present risk treatment options. This course gives students the tools and skills to acquire a quick, reliable, and thorough risk assessment for key stakeholders.

Schedule

Currently, there are no public classes scheduled. Please contact a Phoenix TS Training Consultant to discuss hosting a private class at 240-667-7757.

[image]

Not seeing a good fit?

Let us know. Our team of instructional designers, curriculum developers, and subject matter experts can create a custom course for you.

Contact Us

Learn more about custom training

Course Outline

Information Security Risk Assessments

  • What is Risk?
  • What is Information Security Risk Assessment?
  • Drivers, Laws, and Regulations

Practical Approach to Information Security Assessment

  • Risk Assessment Frameworks
  • OCTAVE
  • NIST SP 800-30
  • ISO 27005

Data Collection

  • The Sponsor
  • The Project Team
  • Data Collection
  • Document Requests
  • IT Asset Inventory
  • Asset Scoping
  • Asset Profile Survey
  • Survey Support
  • Module 3 Exercises

Data Analysis

  • Compiling Observations from Organizational Risk Documents
  • Preparation of Threat and Vulnerability Catalogs
  • Overview of the System Risk Computation
  • Impact Analysis Scheme
  • Control Analysis Scheme
  • Likelihood Analysis Scheme
  • Final Risk Score
  • Module 4 Exercises

Risk Assessment

  • System Risk Analysis
  • Module 5 Exercises

Risk Prioritization and Treatment

  • Organizational Risk Prioritization and Treatment
  • System Specific Risk Prioritization and Treatment
  • Issues Register
  • Module 6 Exercises

Reporting

  • Outline
  • Risk Analysis Executive Summary
  • Methodology
  • Results
  • Risk Register
  • Module 7 Exercises

Maintenance and Wrap Up

  • Process Summary
  • Key Deliverables
  • Post Mortem

FAQs

Who is this training for?

Information security and related professionals are the ideal candidates to take this training course. Other professionals that could potentially find this course useful are risk professionals, control professionals, business analysts, project managers, and compliance professionals.

Register Contact Us

$0 – $1,990

  • Price Match Guarantee

    We’ll match any competitor’s price quote. Call us at 240-667-7757.

  • Included in this Information Security Risk Assessment through Data Collection and Analysis Training

    • 4 days instructor-led training
    • Information Security Risk Assessment through Data Collection and Analysis Training training book
    • Notepad, pen and highlighter
    • Variety of bagels, fruits, doughnuts and cereal available at the start of class*
    • Tea, coffee and soda available throughout the day*
    • Freshly baked cookies every afternoon*
Subscribe now

Get new class alerts, promotions, and blog posts