Short Course

Information Security Risk Management

Understand the concepts around managing information security risk. Conduct a risk-based evaluation of the threats around your information to gain a clear view and prioritize areas for protection.

7 Hours of video content

Intermediate

Certificate of Completion Included

Check out Subscription Plans

Overview What You Will Learn Curriculum Instructor

Course Overview

Information Security Risk Management (ISRM) is the process around identification, evaluation, treatment and monitoring of information security risks. The goal of information security risk management is to raise awareness of existing threats and establish a framework around the treatment of such through policies, procedures, and technology, overall aiming to reduce the risk from various data threats like cyber-attacks, insider threats, environmental disasters, third parties and others. Information risk is a calculation based on the likelihood that an unauthorized entity will negatively impact the confidentiality, integrity and/or availability of data that you collect, transmit, or store and the potential negative impact this could lead to.

As you progress throughout the course, you will learn the concepts around information security risk management. You would familiarize yourself with enterprise risk assessment, compliance risk assessment, risk treatment and the effect of these on an organization. You would familiarize yourself with vulnerability management, vendor and third-party risk management. Next, you will learn action tracking and auditing. In addition, you will learn to assess security controls and their implementation and influence on information risks. Finally, you will learn to monitor and re-evaluate risks and risk treatment plans.

By the end of the course, you will be able to establish a framework around risk identification, evaluation, action and continuous monitoring, including the identification and enforcement of controls that reduce the possibility of systems, networks, and software being compromised by cyber-attack or other unauthorized activity.

What You Will Learn

What is Information Security Risk Management (ISRM) and its main concepts.
The importance of an Information Security Risk Management program within an organization.
The way risk management connects with other various information security functions like vulnerability management
incident response
threat hunting and others.
How to manage and treat risks that threaten your information assets.
How to measure the effectiveness of your risk management program.

Program Curriculum

Purpose and Key Concepts of Information Security Risk Management
Scope, Roles, and Responsibilities in the Information Security Risk Management
Chapter 1 Quiz

Introduction to the Section
Information Security Risk Management Types
Information Security Risk Management Phases – Part 1
Information Security Risk Management Phases – Part 2
Information Classification
Summary of the Section
Chapter 2 Quiz

Introduction to the Section
Identification of Information Security Risks
Assessment of Information Security Risks – Part 1
Assessment of Information Security Risks – Part 2
Management of Information Security Risks – Part 1
Management of Information Security Risks – Part 2
Monitoring of Information Security Risks
Summary of the Section
Chapter 3 Quiz

Introduction to the Section
Information Security Controls’ Influence on the Information Security Risk Management Process
Types of Information Security Controls – Part 1
Types of Information Security Controls – Part 2
Implementation and Monitoring of Information Security Controls
Summary of the Section
Chapter 4 Quiz

Introduction to the Section
Third-party/Supply Chain Risk
Types of Third-party Risk Management
Contracting
Summary of the Section
Chapter 5 Quiz

Introduction to the Section
Vulnerability Management
Red Team Activities
Penetration Testing
Summary of the Section
Chapter 6 Quiz

Overview and Key Takeaways from the Course
Thank you and Contact Information

Load more modules

Instructor

Deyan T Tsanov

Deyan Tsanov has worked for large organizations over the last 10+ years. His experience includes technical support, cyber security operational activities, data risk analysis and evaluation, information security risk management, security controls implementation, and others. Graduated within the Information Security subject, he has additionally gained a variety of industry certifications to contribute to his subject matter expertise including Certified Ethical Hacker (CEH), Information System Security Management Professional (ISSMP), Certified Cloud Security Professional (CCSP), Certified Information System Security Professional (CISSP), Practitioner Certificate in Information Risk Management (PCiIRM), Security+ and others. Deyan sees Information Security Risk Management (ISRM) as an ever-evolving process that is key to preserving data, establishing successful information security programs, and being an inevitable pillar in each decision related to organizations’ strategy.

Buy this course now

$59.99

Get Immediate access for one year today!

Upgrade to Pro Plans and Get Full Access Today!

Get this course, along with 700+ courses and 50+ learning paths and more in one subscription. Learn more

Unlock All Access

Plans start from $33/mo. Cancel anytime.

Join over 1 Million professionals from the most renowned Companies in the world!

Empower Your Learning with Our Flexible Plans

Invest in your future with our flexible subscription plans. Whether you're just starting out or looking to enhance your expertise, there's a plan tailored to meet your needs. Gain access to in-demand skills and courses for your continuous learning needs.

Monthly Plans

Annual Plans

Save 20% with our annual plans!

Pro

Ideal for continuous learning, offering extensive resources with 600+ courses and diverse Learning Paths to enhance your skills.

^$ 499.00

Billed annually or $59.00 billed monthly

Get Started Now

Start your 7-day trial for $1

What is included

700+ Premium Short Courses
50+ Structured Learning Paths
Validation of Completion with all courses and learning paths
New Courses added every month

Early Access Offer

Pro +

Experience immersive learning with Practice Labs, CTF Challenges, and exclusive EC-Council certifications for comprehensive skill-building.

^$ 599.00

Billed annually or $69.00 billed monthly

Get Started Now

Start your 7-day trial for $1

Everything in Pro and

800+ Practice Lab exercises with guided instructions
150+ CTF Challenges with detailed walkthroughs
New Practice Labs and Challenges added every month
3 Official EC-Council Essentials Certifications¹ (retails at $897!)
Exclusive Bonus with Annual Plans

¹This plan includes Digital Forensics Essentials (DFE), Ethical Hacking Essentials (EHE), and Network Defense Essentials (NDE) certifications. No other EC-Council certifications are included.

Related Courses

GDPR Privacy Data Protection CASE STUDIES Explained

Short Course

GDPR Privacy Data Protection CASE STUDIES Explained

Governance Risk and Compliance

Get to know about the GDPR Privacy Data Protection through a detailed explanation of CASE STUDIES

Get to know about the GDPR Privacy Data Protection through a ...

$69.99

Intermediate

5 hr 36 m

Hello
The Ultimate Guide to ISO 27701:2019 – Privacy Information Management System (PIMS)

Short Course

The Ultimate Guide to ISO 27701:2019 – Privacy Information Man...

Governance Risk and Compliance

An end-to-end guide on extending and enhancing an ISMS through GDPR-compliant privacy controls

An end-to-end guide on extending and enhancing an ISMS throug...

$59.99

Beginner

4 hr 0 m

Hello
Implementing PCI DSS Compliance

Short Course

Implementing PCI DSS Compliance

Governance Risk and Compliance

Become an expert in PCI compliance with our comprehensive course. Protect your business, build trust, and ensure data security.

Become an expert in PCI compliance with our comprehensive cou...

$79.99

Intermediate

3 hr 0 m

Hello
The Ultimate Guide to NIST SP 800-53 - Fundamentals and Control Families

Short Course

The Ultimate Guide to NIST SP 800-53 - Fundamentals and Contro...

Governance Risk and Compliance

A practical approach to navigating complexities on start, adopt, and operationalize NIST SP 800-53.

A practical approach to navigating complexities on start, ado...

$49.99

Beginner

3 hr 30 m

Hello
How to Succeed in a Data Protection Officer Role (GDPR DPO)

Short Course

How to Succeed in a Data Protection Officer Role (GDPR DPO)

Governance Risk and Compliance

Learn how to become a great Data Protection Officer (DPO) under GDPR - Step by Step with examples (CIPT, CIPM, CIPP/E)

Learn how to become a great Data Protection Officer (DPO) und...

$69.99

Intermediate

3 hr 35 m

Hello
Implementing Global Data Protection Policy

Short Course

Implementing Global Data Protection Policy

Governance Risk and Compliance

Empower yourself to acquire the skills and gain knowledge and competence to efficiently execute and manage a compliant framework with an aim to safeguard personal data.

Empower yourself to acquire the skills and gain knowledge and...

$59.99

Intermediate

2 hr 57 m

Hello
Information Security Risk Management

Short Course

Information Security Risk Management

Governance Risk and Compliance

Understand the concepts around managing information security risk. Conduct a risk-based evaluation of the threats around your information to gain a clear view and prioritize areas for protection.

Understand the concepts around managing information security ...

$59.99

Intermediate

4 hr 9 m

Hello
Mitigating M&A Cybersecurity Risks

Short Course

Mitigating M&A Cybersecurity Risks

Governance Risk and Compliance

Ensure proper cybersecurity before, during, and after a merger or acquisition

Ensure proper cybersecurity before, during, and after a merge...

$69.99

Intermediate

6 hr 34 m

Hello