Closing Summary of Risk Management

Video Activity

This lesson summarizes the module about risk management. Companies need to look at values associated with risks to determine mitigation strategies and respond to risk. Companies must always consider risks in their environment. It's important to stay in the know and use all available resources.

Join over 3 million cybersecurity professionals advancing their career

Sign up with

or

Already have an account? Sign In »

Course

Time

10 hours 28 minutes

Difficulty

Advanced

CEU/CPE

15

Video Description

This lesson summarizes the module about risk management. Companies need to look at values associated with risks to determine mitigation strategies and respond to risk. Companies must always consider risks in their environment. It's important to stay in the know and use all available resources.

Video Transcription

00:04

all right, so that brings our chapter on risk to a close. Remember, the first step in any decision you have to make is risk management. Start by identifying your assets

00:16

that's under risk assessment. Identify your assets. Look at the threats and vulnerabilities. Try to find a value associate ID with those risks, the potential for loss both qualitative. But then knowing that we need quantitative as well. And quantitative is really where we make our business decisions. Having that analysis complete.

00:36

Now we can determine the mitigation strategy

00:39

and we decide how we're gonna respond to risks. Reduce except transfer remembers part of due diligence. I have to I have to stay knowledgeable. We know that risk monitoring is not a one time thing. Once and done, you're always considering risks in your environment.

00:56

Every decision we make is gonna bring risks into the picture.

00:59

So I stay knowledgeable by looking at Resource is that I have available, whether it's through news feeds or Web logs or, uh, new sights, whatever that may be. Don't forget that even though a mitigation strategy might be to transfer risk, outsource,

01:19

you're not eliminating risks,

01:19

so make sure your security contracts are well written. The, uh, expectations are clearly defined. And don't forget including the right to audit as part of your contracts to make sure that you can keep your vendors honest.

Up Next

Security Policies & Procedures (part 1)

Security Policies & Procedures (part 2.1)

Security Policies & Procedures (part 2.2)

Security Policies & Procedures (part 3.1)

Security Policies & Procedures (part 3.2)

CompTIA CASP

In our online CompTIA CASP training, you will learn how to integrate advanced authentication, how to manage risk in the enterprise, how to conduct vulnerability assessments and how to analyze network security concepts and components.

Instructed By

Kelly Handerhan

Kelly Handerhan

Senior Instructor