CRISC

Course
Time
6 hours 30 minutes
Difficulty
Advanced
CEU/CPE
7

Video Transcription

00:01
So now that we have the preliminary information out of the way and they're they're really is quite a bit of preliminary information And I think any one of those pieces that we've talked about up to this point even though they're not officially assigned to a domain, they're all testable.
00:16
Ah, particularly the idea of how risk management fits into projects and will continue to talk about that.
00:23
But the various risk processes in project management. Yeah, I do think that will come up, so go back and spend a little bit of time making sure you understand the flow of risk management. All right, But we're moving on now. Toothy agenda for domain one. And what we're going to talk about first is we're gonna talk about some frameworks.
00:43
We're gonna talk about the international framework. I so 27,005
00:47
will look at frameworks from risk. The risk I t framework specifically looking at ice axes, risk management life cycle. Then we'll look at frameworks from n'est ce n'est is always gonna be a player when we're looking at frameworks
01:02
because that's exactly witnessed is about here The standard. Here's the standard framework for particular environment
01:11
so we'll look at 800 deaths. 39 will look at 800 deaths 30 and then 800-37 which many of you probably know is the risk management frame. Or
01:19
all right then we talk about risk culture within the organization. If you want to change the culture of an organization
01:29
that has to come from the top so senior management can influence the culture, the culture will then influence behaviors.
01:37
Then we'll talk about how I t risk management strategy has to fit into the goals of the business and how the risks that we accept in I t
01:47
ultimately are gonna provide the value to the business as a whole. And then last but not least in this section, we will talk about the risk register. And the risk register is a document that we're gonna use to track information about risks.
02:02
So in the identification process, that's where the risk register gets created
02:07
and we go and we enter in our risks. Maybe what risk category. And then as we move through the varying processes of risk management, for instance, the next step we would take would be risk assessment. Well, we'll go in an update, the risk register. And when we root, move to risk mitigation
02:27
will update
02:28
the risk register. When we come around to monitoring and controlling risks, where do we enter that information?
02:36
The risk register. Right. So that risk register is gonna be a document that we use all the way throughout the risk management life cycle. All right, All that good information is coming right up. Don't change that dial.

Up Next

CRISC

This course on Certified in Risk and Information Systems Control is for IT and business professionals who develop and maintain information system controls, and whose job revolves around security operations and compliance.

Instructed By

Instructor Profile Image
Kelly Handerhan
Senior Instructor