SWENG5180 - Cyber Risk Management
Course Description
This 7-week, 21-hour course provides students with foundation in Cyber Risk Management, aligned with the National Institute of Standards and Technology(NIST) RMF 800-37R2, and uses NIST SP800-53A, the assessment of security and privacy controls in information systems and organizations.
Students will learn the skills need to perform regular risk assessments, define Risk, Risk scoring and identify gaps.
- Assign NIST security controls and countermeasures
- Use of Risk Assessment Tools
- Develop a NIST Risk Management Framework
- Identify KPIs and KRIs for Risk Management
- Integrate Risk Management Strategy into Business Functions
Students will first conduct a Cyber Risk Management exercise on a fictional company, with the culmination of applying to either their company, or a fictional
company on their own, followed by a peer review
*Course Outcomes:
At the completion of this course, students will be able to:
- Perform a complete cyber risk assessment.
- Inventory companies most critical information assets.
- Assign a data owner and custodian to an information asset.
- Assign classification values to critical information assets.
- Prioritize risk remediation efforts as a result of performing a risk assessment.
- Evaluate risk management models for use in their own organization.