Risk Management

o Overview
o Risk Capacity, Risk Appetite and Risk Tolerance
o Risk Culture and Communication
o Elements of Risk
o Information Security Risk Concepts and Principles\
o The IT Risk Strategy of the Business
o IT Concepts and Areas of Concern for the Risk Practitioner
o Methods of Risk Identification
o IT Risk Scenarios
o Ownership and Accountability
o The IT Risk Register
o Risk Awareness

Risk Assessment

o Overview
o Risk Assessment Techniques
o Analyzing Risk Scenarios
o Current State of Controls
o Changes in the Risk Environment
o Project and Program Management
o Risk and Control Analysis
o Risk Analysis Methodologies
o Risk Ranking
o Documenting Risk Assessments

Risk Response and Mitigation

o Overview
o Aligning Risk Response with Business Objectives
o Risk Response Options
o Analysis Techniques
o Vulnerabilities Associated With New Controls
o Developing a Risk Action Plan
o Business Process Review Tools and Techniques
o Control Design and Implementation
o Control Monitoring and Effectiveness
o Types of Risk
o Control Activities, Objectives, Practices and Metrics
o Systems Control Design and Implementation
o Impact of Emerging Technologies on Design and Implementation of Controls
o Control Ownership
o Risk Management Procedures and Documentation

Risk and Control Monitoring and Reporting

o Overview
o Key Risk Indicators
o Key Performance Indicators
o Data Collection and Extraction Tools and Techniques
o Monitoring Controls
o Control Assessment Types
o Results of Control Assessments
o Changes to the IT Risk Profile