Not-for-Credit Accounting  |  Format: Flash

Managing Cyber Risk

Course Overview
Managing Cyber Risk is the second part of a two course series training program that assists senior executives and board members with better understanding how to understand and manage an organization�s cyber risk. This course provides an overview of cyber risk dashboards to help organizations successfully monitor and manage its cyber risk, and some best practices for creating and implementing a dashboard. This course also covers best practice recommendations and considerations to reduce cyber risk via policy and controls implementation across four broad categories: people, process, technology, and environment.

Despite the best defenses and preparation, the changes of an organization falling victim to a major cyber incident remain a reality. To address this reality, this course also details how an organization should react in the event of a data breach. It lays out broad recommendations on how to implement and execute against your incident response plan, crisis communications plans, and business continuity plans. The course highlights additional actions that help organizations manage longer-term post-breach impacts, from notifying stakeholders to conducting forensic investigations and determining post-incident lessons learned.

Learning Objectives
After completing this course, participants should be able to:


  • Indicate how to strengthen the cyber workforce in your organization, including building a culture of cyber resiliency, identifying ways to better train and evaluate cyber security knowledge, and empowering cybersecurity leadership.
  • Specify the processes to measure and monitor cyber risk, including creating and implementing cyber risk dashboards and cybersecurity frameworks.
  • Recognize processes to manage cyber risk through establishment of response plans, audits and benchmarks, and purchase of cyber insurance.
  • Identify the key components of your technology ecosystem and prioritize your spending on cyber technology.
  • Recognize the benefits and importance of viewing your threat environment through organizational, industry, and geopolitical lenses and develop relationships with external resources--such as cyber threat intelligence, information sharing organizations, and law enforcement agencies--to monitor that environment.
  • Identify who in your organization is responsible for cybersecurity compliance and recognize the importance of relationships with regulators and law enforcement.

  • Define how your organization plans to detect, contain, remediate, and restore when dealing with the fallout from cyber incidents.
  • Specify how to notify stakeholders after an incident and how this fits into your broader incident response plan.
  • Specify how forensics investigations, legal defense, and audits are instrumental in the post-incident phase and the importance of conducting a thorough �lessons learned� after a cyber breach.

    Catalog Number: CVFEI02
    CPE Credits: 2 Registry / 2 QAS
    Author: Jeffrey R. Welgan
    Advanced Preparation:
    Course Level: Basic
    Field of Study: Information Technology
    Content Partner:
    QAS: QAS Certified based on 50 minute hours.
    Course Type: Self-Study
    Minimum Passing Grade: 70%
    Soft/Hardware Reqs.:  Adobe Acrobat® Reader for the .pdf files
     56k or Greater Internet Connection
     Modern DHTML Compatible Browser
     Ram: 256 MB minimum
     Sound card with speakers/headphones
     Windows or Mac OS
    Release/Expiration Dates: Nov 08, 2019 / Nov 08, 2021