Course Description

This 7-week, 21-hour course provides students with foundation in Cyber Risk Management, aligned with the National Institute of Standards and Technology
(NIST) RMF 800-37R2, and uses NIST SP800-53A, the assessment of security and privacy controls in information systems and organizations.
Students will learn the skills need to perform regular risk assessments, define Risk, Risk scoring and identify gaps.
- Assign NIST security controls and countermeasures
- Use of Risk Assessment Tools
- Develop a NIST Risk Management Framework
- Identify KPIs and KRIs for Risk Management
- Integrate Risk Management Strategy into Business Functions
Students will first conduct a Cyber Risk Management exercise on a fictional company, with the culmination of applying to either their company, or a fictional
company on their own, followed by a peer review
*Course Outcomes:
At the completion of this course, students will be able to:
- Perform a complete cyber risk assessment.
- Inventory companies most critical information assets.
- Assign a data owner and custodian to an information asset.
- Assign classification values to critical information assets.
- Prioritize risk remediation efforts as a result of performing a risk assessment.
- Evaluate risk management models for use in their own organization.

Thank you for your interest in this course. Unfortunately, the course you have selected is currently not open for enrollment. Please complete a Course Inquiry so that we may promptly notify you when enrollment opens. To inquire about registering for this program please contact the Non-Credit Registration Office at 814-867-4973 or  nc_reg_office@outreach.psu.edu

Required fields are indicated by .