Scribd Logo
Upload

Welcome to Scribd!

  • P3 Section 4 Review

    Uploaded by

    binal wijegunawardena
    12 views24 pages
    The document provides an overview and exam guidance for Sections 13-16 of the P3 Risk Management module. It summarizes that Section 13 introduces cyber risk objectives and how organizations interact with technology. Section 14 focuses on cyber risk controls, prevention, detection, and response methods. Section 15 discusses analyzing cyber attacks and related techniques like forensic analysis. Section 16 reviews three cyber risk reporting frameworks that may be tested: AICPA, NIST, and AIC Triad. The exam will expect understanding of basic malware, application controls, prevention and detection methods, and components of the AICPA and NIST frameworks.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document provides an overview and exam guidance for Sections 13-16 of the P3 Risk Management module. It summarizes that Section 13 introduces cyber risk objectives and how organizations interact with technology. Section 14 focuses on cyber risk controls, prevention, detection, and response methods. Section 15 discusses analyzing cyber attacks and related techniques like forensic analysis. Section 16 reviews three cyber risk reporting frameworks that may be tested: AICPA, NIST, and AIC Triad. The exam will expect understanding of basic malware, application controls, prevention and detection methods, and components of the AICPA and NIST frameworks.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    12 views24 pages

    P3 Section 4 Review

    Uploaded by

    binal wijegunawardena
    The document provides an overview and exam guidance for Sections 13-16 of the P3 Risk Management module. It summarizes that Section 13 introduces cyber risk objectives and how organizations interact with technology. Section 14 focuses on cyber risk controls, prevention, detection, and response methods. Section 15 discusses analyzing cyber attacks and related techniques like forensic analysis. Section 16 reviews three cyber risk reporting frameworks that may be tested: AICPA, NIST, and AIC Triad. The exam will expect understanding of basic malware, application controls, prevention and detection methods, and components of the AICPA and NIST frameworks.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 24

    STRATEGIC LEVEL

    Subject Risk Management (P3)


    Akila Gunarathna
    Lecturer MBA(UK), ACMA, CGMA, ACCA Affiliate, B.Sc. Engineering (Hons), Dip in Banking & Finance (IBSL)

    Module P3 Section 4 Review (Covering SS13, 14, 15 & 16)

    Code P3/AG/21
    P3 Section 4 Review
    Exam Technique Note

    Study Session 13 Cyber Risk Introduction


    P3 Examiner expects the candidate to have a fair understanding on cyber risk objectives and
    how an organization interreacts with technology. Basic understanding of Malware and
    Application attacks required

    Study Session 14 Cyber Risk Process


    This section focuses more on cyber risk controls. Prevention, Detection and Response
    methods should be noted. General IT controls such as application controls, personnel
    controls, network controls, physical controls, business continuity planning are required.

    Study Session 15 Cyber Risk Tools & Techniques


    How to analyse a cyber attack and ensure how we can take actions. This is similar to a post
    completion audit. Techniques such as reverse engineering, forensic analysis, malware
    analysis, penetration testing, software security will be tested.

    Study Session 16 Cyber Risk Reporting


    There are 3 main reporting frameworks given in the syllabus. AICPA framework will be given
    priority, need to know the 3 key components and 2 criteria in AICPA framework. Need a
    general understanding on NIST framework and 3 components should be known. AIC Traid is
    the 3rd framework given and the three elements should be known.

    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 1


    Exam Focused Questions

    SS 13

    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 2


    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 3
    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 4
    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 5
    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 6
    SS 14

    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 7


    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 8
    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 9
    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 10
    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 11
    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 12
    SS 15 & 16

    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 13


    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 14
    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 15
    Answers

    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 16


    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 17
    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 18
    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 19
    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 20
    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 21
    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 22
    P3SS2020 – P3 Section 4 Review - Akila Gunarathna 23

    You might also like