10 hours 28 minutes

Video Description

This lesson summarizes the module about risk management. Companies need to look at values associated with risks to determine mitigation strategies and respond to risk. Companies must always consider risks in their environment. It's important to stay in the know and use all available resources.

Video Transcription

all right, so that brings our chapter on risk to a close. Remember, the first step in any decision you have to make is risk management. Start by identifying your assets
that's under risk assessment. Identify your assets. Look at the threats and vulnerabilities. Try to find a value associate ID with those risks, the potential for loss both qualitative. But then knowing that we need quantitative as well. And quantitative is really where we make our business decisions. Having that analysis complete.
Now we can determine the mitigation strategy
and we decide how we're gonna respond to risks. Reduce except transfer remembers part of due diligence. I have to I have to stay knowledgeable. We know that risk monitoring is not a one time thing. Once and done, you're always considering risks in your environment.
Every decision we make is gonna bring risks into the picture.
So I stay knowledgeable by looking at Resource is that I have available, whether it's through news feeds or Web logs or, uh, new sights, whatever that may be. Don't forget that even though a mitigation strategy might be to transfer risk, outsource,
you're not eliminating risks,
so make sure your security contracts are well written. The, uh, expectations are clearly defined. And don't forget including the right to audit as part of your contracts to make sure that you can keep your vendors honest.

Up Next


In our online CompTIA CASP training, you will learn how to integrate advanced authentication, how to manage risk in the enterprise, how to conduct vulnerability assessments and how to analyze network security concepts and components.

Instructed By

Instructor Profile Image
Kelly Handerhan
Senior Instructor