UOP-442: Managing Risk Information management

(UOP-CMGT442.AG1)

Skills You’ll Get

1

Risk Management Business Challenges

  • What Is Risk?
  • Classify Business Risks
  • Risk Identification Techniques
  • Risk Management Process
  • Risk-Handling Strategies
  • Understanding and Protecting Assets
  • Understanding and Managing Threats
  • Understanding and Managing Vulnerabilities
  • Understanding and Managing Exploits
  • U.S. Federal Government Risk Management Initiatives
  • U.S. Compliance Laws
  • Regulations Related to Compliance
  • Organizational Policies for Compliance
  • Standards and Guidelines for Compliance
  • Objectives of a Risk Management Plan
  • Scope of a Risk Management Plan
  • Assigning Responsibilities
  • Describing Procedures and Schedules for Accomplishment
  • Reporting Requirements
  • Plan of Action and Milestones
  • Charting the Progress of a Risk Management Plan
  • Steps of the NIST Risk Management Framework
2

Risk Assessment

  • Understanding Risk Assessments
  • Critical Components of a Risk Assessment
  • Types of Risk Assessments
  • Risk Assessment Challenges
  • Best Practices for Risk Assessment
  • Selecting a Risk Assessment Methodology
  • Identifying the Management Structure
  • Identifying Assets and Activities Within Risk Assessment Boundaries
  • Identifying and Evaluating Relevant Threats
  • Identifying and Evaluating Relevant Vulnerabilities
  • Identifying and Evaluating Controls
  • Selecting a Methodology Based on Assessment Needs
  • Developing Mitigating Recommendations
  • Presenting Risk Assessment Results
  • Best Practices for Performing Risk Assessments
  • System Access and Availability
  • System Functions: Manual and Automated
  • Hardware Assets
  • Software Assets
  • Personnel Assets
  • Data and Information Assets
  • Asset and Inventory Management Within the Seven Domains of a Typical IT Infrastructure
  • Identifying Facilities and Supplies Needed to Maintain Business Operations
3

Risk Mitigation

  • Threat Assessments
  • Vulnerability Assessments
  • Exploit Assessments
  • In-Place Controls
  • Planned Controls
  • Procedural Control Examples
  • Technical Control Examples
  • Physical Control Examples
  • Best Practices for Risk Mitigation Security Controls
  • Where Should an Organization Start with Risk Mitigation?
  • What Is the Scope of Risk Management for an Organization?
  • Understanding and Assessing the Impact of Legal and Compliance Issues on an Organization
  • Translating Legal and Compliance Implications for an Organization
  • Assessing the Impact of Legal and Compliance Imp...the Seven Domains of a Typical IT Infrastructure
  • Assessing How Security Countermeasures, Controls, and Safeguards Can Assist With Risk Mitigation
  • Understanding the Operational Implications of Legal and Compliance Requirements
  • Identifying Risk Mitigation and Risk Reduction Elements for the Entire Organization
  • Performing a Cost-Benefit Analysis
  • Best Practices for Planning Risk Mitigation Throughout an Organization
  • Reviewing the Risk Assessment for the IT Infrastructure
  • Translating a Risk Assessment into a Risk Mitigation Plan
  • Prioritizing Risk Elements That Require Risk Mitigation
  • Verifying Risk Elements and How They Can Be Mitigated
  • Performing a Cost-Benefit Analysis on the Identified Risk Elements
  • Implementing a Risk Mitigation Plan
  • Following Up on the Risk Mitigation Plan
  • Best Practices for Enabling a Risk Mitigation Plan from the Risk Assessment
4

Mitigating Risk with a Business Impact Analysis & Continuity Plan

  • What Is a Business Impact Analysis?
  • Defining the Scope of the Business Impact Analysis
  • Objectives of a Business Impact Analysis
  • Steps of a Business Impact Analysis Process
  • Identifying Mission-Critical Business Functions and Processes
  • Mapping Business Functions and Processes to IT Systems
  • Best Practices for Performing a BIA for an Organization
  • What Is a Business Continuity Plan?
  • Elements of a BCP
  • How Does a BCP Mitigate an Organization’s Risk?
  • Best Practices for Implementing a BCP for an Organization
5

Mitigating Risk with a Disaster Recovery and Computer Incident Term Plan

  • What Is a Disaster Recovery Plan?
  • Critical Success Factors
  • Elements of a DRP
  • How Does a DRP Mitigate an Organization’s Risk?
  • Best Practices for Implementing a DRP for an Organization
  • What Is a Computer Incident Response Team Plan?
  • Purpose of a CIRT Plan
  • Elements of a CIRT Plan
  • How Does a CIRT Plan Mitigate an Organization’s Risk?
  • Best Practices for Implementing a CIRT Plan for an Organization

1

Risk Management Business Challenges

  • Understanding IT Infrastructure Domains
  • Understanding Risk Management
  • Identifying Vulnerabilities in Software
  • Exploiting Windows using Metasploit
  • Understanding U.S. Compliance Laws
  • Understanding Standards and Guidelines
  • Understanding Charts
  • Understanding the NIST Risk Management Framework
2

Risk Assessment

  • Understanding Impact Scale of a Risk
  • Understanding Risk Assessment Methods
  • Understanding Control Categories
  • Identifying and Evaluating Controls
  • Understanding Assets
  • Understanding Business Continuity Planning Steps
3

Risk Mitigation

  • Using Nmap for Network Enumeration
  • Conducting Vulnerability Scanning using Nessus
  • Understanding NIST Control Families
  • Understanding Primary Classes of Fires
  • Understanding Domains of a Typical IT Infrastructure
  • Understanding PCI DSS Principles and Requirements
  • Understanding Threat/Vulnerability Pairs with Countermeasures
  • Setting Password Policies
4

Mitigating Risk with a Business Impact Analysis & Continuity Plan

  • Understanding Impact Levels of BIA
  • Understanding Business Impact Analysis
  • Understanding BCP Teams
  • Understanding Business Continuity Planning
5

Mitigating Risk with a Disaster Recovery and Computer Incident Term Plan

  • Understanding Alternate Sites
  • Understanding Disaster Recovery Plan
  • Understanding an Incident Handling Procedure
  • Understanding an Incident Response Process
