This course introduces the key concepts of information security risk management. It explains the purpose of risk assessments and how quantitative and qualitative risk assessments are performed. Important risk assessment terminology is covered, including Single Loss Expectancy (SLE), Annual Rate of Occurrence (ARO), Annual Loss Expectancy (ALE) and others. Business Impact Analysis (BIA) concepts are explained, including Recovery Point Objective (RPO), Recovery Time Objective (RTO), Mean Time Between Failures (MTBF), Mean Time To Repair (MTTR) and Single Point of Failure. The course also covers threat assessment, risk response techniques (accept, transfer, avoid, mitigate), and security documents (policies, procedures, service-level agreements and more).
Policies and Procedures - Duration: 9:56
Business Impact Analysis - Duration: 6:01
Threat Assessment - Duration: 2:29
Risk Assessment - Duration: 4:39
Meet the author
At Infosec, we believe knowledge is the most powerful tool in the fight against cybercrime. We help IT and security professionals advance their careers with a full regimen of certification and skills training. We also empower all employees with security awareness training to stay cybersecure at work and home. Driven by smart people wanting to do good, Infosec educates entire organizations on how to defend themselves from cybercrime. That’s what we do every day — equipping everyone with the latest security skills so the good guys win.
You're in good company
"Comparing Infosec to other vendors is like comparing apples to oranges. My instructor was hands-down the best I’ve had."
"I knew Infosec could tell me what to expect on the exam and what topics to focus on most."
"I’ve taken five boot camps with Infosec and all my instructors have been great."