Navigable Slide Index
- Introduction
- What is risk management?
- Summary
- The goals of information security
- Components of information security
- How to achieve information security
- Objectives of information security
- Prioritizing objectives is key for governance
- What exactly is IT risk management?
- Questions answered by risk management
- Data classes and examples of information
- Why is data classification fundamental?
- Controls and objectives
- Risk treatment options
- Risk planning in practical terms
- Risk register (1)
- Risk register (2)
- Standards and best practices
- Review
- Next module
Topics Covered
- Risk
- Risk management
- Information risk management
- CIA triad
- Four control types
- Data classification
- Four risk treatment options
- Risk registry
- Policies
- Accountability
- Standards
- Information security
Talk Citation
Popa, C. (2019, January 31). Information risk management [Video file]. In The Business & Management Collection, Henry Stewart Talks. Retrieved November 12, 2024, from https://doi.org/10.69645/JCGJ6096.
Transcript
0:00
Hello and welcome to Module Two of our six-part series on "Practical Cybersecurity".
Today, we'll be discussing "Risk Management".
And in particular, what is information risk management?
A simple online search will show us
0:15
that risk is defined as a situation involving exposure to danger.
Now, for our purposes,
that simply means the probability of an adverse situation unfolding.
Doing a bit more digging,
we see that risk management is defined as
the forecasting and evaluation of financial risks,
together with the identification of procedures to avoid or minimize their impact.
That is a business definition,
and certainly businesses care about risk management because it needs
to be approached as a discipline rather than as just a project.
For our purposes however,
we care about the protection of those intangible assets.
And those intangible assets are, of course, handled, managed,
touched by technology tools,
by information systems, by computerized systems.
So the definition of IT risk management is the application of risk management methods
to IT in order to manage information risk.
Now, what we need to look at specifically is the fact
that information risk management is really
the business risk associated with the use, ownership,
operation, involvement, influence, and adoption of
information systems and information technology within an enterprise or organization.