Every organization needs to carefully manage finite resources and budgets in the course of implementing an information security strategy in order to protect the organization while achieving its business objectives. In this course, Information and Cyber Security GRC: Risk Management, you’ll learn the fundamentals of completing a risk assessment to understand and review information security in enterprise programs and activities. First, you’ll explore the objectives of an information security risk assessment. Second, you’ll learn how to build a business and technology operating model to articulate the impact of undesirable disruption to an organization’s mission. Third, you’ll use this model to create risk scenarios and understand the likelihood of threats exploiting a vulnerability in your operating environment.
Author Name: Po Yau
Author Description:
Po was born and educated in Wales, UK before going to Royal Holloway, University of London. It was during his year-in-industry placement, when responding to an incident to recover from a cyber attack, that started a journey of over 20 years in information security. Currently broadening to multiple types of technology and operational risk in the Financial sector, looking for ways to improve risk management, governance and communication to promote innovation and work with the ever changing ways … more