CISRM-Certified Information Systems Risk Manager - ML


E-Learning
Description
This course will teach students about information systems risk. Topics covered include risk identification, assessment, evaluation, response, and monitoring, as well as information systems control design and implementation.
| Lesson Id | Title | Description |
|---|---|---|
| 1 | The Big Picture: How Risk Management Relates to Risk Governance | About the C)ISRM Exam Exam Relevance C)ISRM Review Course Section Overview Part 1 Learning Objectives Risk Management Section Topics Overview of Risk Management Risk Risk and Opportunity Management Responsibility vs. Accountability Risk Management Roles and Responsibilities Risk Management Frameworks, Standards and Practices Relevance of Risk Management Frameworks, Standards and Practices Frameworks Standards Practices Essentials of Risk Governance Relevance of Risk Governance Overview of Risk Governance Objectives of Risk Governance Foundation of Risk Governance Risk Appetite and Tolerance Risk Appetite and Risk Tolerance Risk Awareness and Communication Key Concepts of Risk Governance Risk Culture Case Study & Practice Questions Case Study Practice Question 1 Practice Question 2 Practice Question 3 Practice Question 4 Practice Question 5 Definitions and Acronyms Acronym Review Definition Review Supplemental Exercises Big Picture Exercises Suggested Resources for Further Study End of C)ISRM Part I - The Big Picture |
| 2 | Risk Identification, Assessment and Evaluation | Risk Identification, Assessment and Evaluation Section Overview Exam Relevance Domain 1 Learning Objectives Tasks and Knowledge Statements Task Statements Knowledge Statements Risk Identification, Assessment and Evaluation The Process Describing the Business Impact of IT Risk IT Risk in the Risk Hierarchy IT Risk Categories High Level Process Phases Generic Risk Scenarios Risk Scenarios Definition of Risk Scenario Event Types Purpose of Risk Scenarios Risk Scenario Development Risk Register Risk Profile Risk Scenario Development Risk Scenario Components Risk Scenario Development Enablers Systemic, Contagious or Obscure Risk Generic IT Risk Scenarios Risk Factors Definition of Risk Factor Examples of Risk Factors Risk Factors— External Environment Risk Factors— Risk Management Capability Risk Factors— IT Capability Risk Factors— IT Related Business Capabilities Risk Assessment Methods Methods for Analyzing IT Risk Likelihood and Impact Risk Analysis Output Risk Analysis Methods Risk Analysis Methods— Quantitative Risk Analysis Methods— Qualitative Risk Analysis Methods— for HIGH impact risk types Risk Analysis Methods Risk Analysis Methods— Business Impact Analysis (BIA) Methods for Assessing IT Risk IT Risk Identification and Assessment Identifying and Assessing IT Risk Definitions Adverse Impact of Risk Event Business Impacts From IT Risk Business Related IT Risk Types IT Project-Related Risk Risk Components— Inherent Risk Risk Components— Residual Risk Risk Components— Control Risk Risk Components— Detection Risk Business Risk and Threats Addressed By IT Resources Identifying and Assessing IT Risk Methods For Describing IT Risk In Business Terms Methods For Describing IT Risk In Business Terms Case Study & Practice Questions Case Study or Exercise Practice Question 1 Practice Question 2 Practice Question 3 Practice Question 4 Practice Question 5 Definitions and Acronyms Acronym Review Definition Review Supplemental Exercises Domain 1 – Exercises Suggested Resources for Further Study End of C)ISRM Part II - Domain 1 |
| 3 | Risk Response | Section Overview Exam Relevance Domain 2 Learning Objectives Tasks and Knowledge Statements Task Statements Knowledge Statements Risk Response Process Risk Response Objectives The Risk Response Process Risk Response Options Risk Response Parameters Risk Tolerance and Risk Response Options Risk Response Prioritization Options Risk Mitigation Control Types Risk Response Prioritization Factors Risk Response Tracking, Integration and Implementation Risk Response Process Details Process Phases Phase 1 - Articulate Risk Phase 2 - Manage Risk Phase 3 - React To Risk Events Risk Response and Risk Management Frameworks Risk Management Frameworks Case Study and Practice Questions Sample Case Study or Exercise Practice Question 1 Practice Question 2 Practice Question 3 Practice Question 4 Practice Question 5 Definitions and Acronyms Acronym Review Definition Review Supplemental Exercises Domain 2 – Exercises Suggested Resources for Further Study End of C)ISRM Part II |
| 4 | Risk Monitoring | Risk Monitoring Course Agenda Exam Relevance Learning Objectives Tasks and Knowledge Statements Task Statements Knowledge Statements Essentials of Risk Monitoring Essentials Key Risk Indicators Risk Indicators Risk Indicator Selection Criteria Risk Indicator Types and Parameters Risk Indicator Considerations Criteria for KRI Selection Benefits of Selecting Right KRIs Disadvantages of Wrong KRIs Changing KRIs KPIs Data Extraction, Aggregation, & Analysis Gathering KRI Data Steps to Data Gathering Gathering Requirements Data Access Data Preparation Data Validating Considerations Data Analysis Reporting and Corrective Actions Optimizing KRIs Capability Maturity Models Use of Maturity Level Assessment Assessing Risk Maturity Levels Risk Management Capability Maturity Levels Changes to Threats, Vulnerabilities and Assets Changing Threat Levels Monitoring Changes in Threat Levels Measuring Changes in Threat Levels Responding to Changes in Threat Levels Threat Level Review Changes in Asset Value Maintain Asset Inventory Risk Reporting Reporting Content Effective Reports Report Recommendations Possible Risk Report Recipients Periodic Reporting Reporting Topics Risk Reporting Techniques Case Study & Practice Questions Sample Case Study or Exercise Practice Question 1 Practice Question 2 Practice Question 3 Practice Question 4 Definitions and Acronyms Acronym Review Definition Review Domain 3 – Exercises Suggested Resources for Further Study End of C)ISRM Part II - Domain 3 |
| 5 | Information Systems Control Design and Implementation | Information Systems Control Design and Implementation Section Overview Exam Relevance Domain 4 Learning Objectives Tasks and Knowledge Statements Task Statements Knowledge Statements Control Design Considerations C)ISRM Involvement Control Definition Control Categories Control Types and Effects Control Methods Control Design Considerations Control Strength Control Costs and Benefits Potential Loss Measures Total Cost of Ownership For Controls System Development Life Cycle (SDLC) Role of the C)ISRM in SDLC The SDLC Process The Systems Development Life Cycle (SDLC) ‘Meets and Continues to Meet’ SDLC SDLC Phases Addressing Risk Within the SDLC Business Risk versus Project Risk Understanding Project Risk Addressing Business Risk Understanding Business and Risk Requirements Understand Business Risk System Development Life Cycle (SDLC) Phases High Level SDLC Phases 1. Project Initiation (and Requirements Definition) Project Initiation Phase 1 – Project Initiation Phase 1 Tasks Task 1—Feasibility Study Feasibility Study Components Determining Feasibility Outcomes of the Feasibility Study Task 2—Define Requirement Requirement Progression Business Information Requirements (COBIT) Requirements Success Factors Task 3—Acquire Software “Options” Software Selection Criteria Software Acquisition Software Acquisition Process 2. Project Design and Development Leading Principles for Design and Implementation C)ISRM Responsibilities Key System Design Activities: Steps to Perform Phase 2 Phase 2 - Project Design and Development 3. Project Testing System Testing Test Plans Project Testing Types of Tests UAT Requirements Certification and Accreditation Project Status Reports Phase 3 - Project Testing Testing Techniques Alpha Testing Beta Testing Function Validation Parallel Testing Pilot Testing Regression Testing Sociability Testing White Box Testing Verification and Validation 4. Project Implementation Phase 4 - Project Implementation Project Implementation Implementation Phases End User Training Plans & Techniques Training Strategy Data Migration/Conversion Considerations Risks During Data Migration Data Conversion Steps Implementation Rollback Data Conversion Project Key Considerations Changeover Techniques Post-Implementation Review Performing Post-Implementation Review Measurements of Critical Success Factors Closing a Project Project Management and Controlling Project Management Practices Project Management Tools and Techniques Project Management Elements Project Management Practices PERT chart and critical path PERT Attribute Case Study & Practice Questions Sample Case Study or Exercise Practice Question 1 Practice Question 2 Practice Question 3 Practice Question 4 Practice Question 5 Definitions and Acronyms Acronym Review Definition Review Domain 4 – Exercises Suggested Resources for Further Study End of C)ISRM Part II |
Self-Paced
Free
This course includes:
Full lifetime access