Cyber Risk Assessments (RISK-221-ASE)
This is a closed class. It requires a contract. On-site for 22 people.
Days: 5 Days Labs: Yes –Local Cyber Range
Type of Course: Advanced Security / Managerial
Prerequisites: Introduction to Risk Management (RISK-101-MIL) or (RISK-102-COM)
About this course: Maps to the NICE Information Assurance Compliance Securely Provision specialty areas concerned with conceptualizing, designing, and building secure IT systems, with responsibility for some aspect of the systems’ development.
Goals: Know how to implement a risk assessment process to increase the effectiveness of your IS program. This course will have a subsection on the CRISC exam.
Topics: Risk Assessment and the technical process, generating a repeatable process for period-to-period comparison, direction for minimizing risk, improving security and meeting regulatory compliance guidelines. Optional modules will be covered if time permits.
Methods of instruction: There are 8 different possible exercises that can be used in a module. Some examples include: threats and controls, case studies, risk analysis practice, and reading review. Technical labs will require basic skills in operating systems and virtualization. As soon as students become too comfortable, the instructor will switch methods.
Students are expected to have basic experience in the areas of networking and DoD Cybersecurity as well as knowledge of related Cybersecurity policies and procedures.
Course support DISA responsibilities in DoD Cybersecurity Discipline Implementation Plan, DoD I 8551.01, the STIG’s and NIST SP800-53. The course covers topics in NICCS / NICE and ARTEP.