Information Security Risk Management


Units: 6


This course examines risk management practices and principles to improve information security. The course provides education on information security risk identification, evaluation, and related response decisions given resource constraints. Students will learn foundational concepts in risk management and economic valuation and will be introduced to standard risk management approaches for identifying, analyzing, responding to, and monitoring risks. Both qualitative and quantitative approaches will be examined.

Learning Outcomes

- Build on a foundational understanding of risk management to include the definitions of risk, related elements, risk management, response, etc.
- Identify standards and other literature that provide direction on how to conduct analysis and manage uncertainty.
- Implement the OCTAVE Allegro and FORTE process methodologies.
- Explore the use of other methodologies and tools for risk management.
- Research and analyze those factors that are important to the successful implementation of a risk management program within an organization.
- Develop and justify practical strategies, tools and practices that can lead to an adaptive approach to risk management in a variety of settings, scales, and diverse industry applications.

Prerequisites Description