Enterprise Security Risk Management for Cybersecurity Managers
I developed a structured understanding of how organizations identify, assess, and manage cybersecurity risks using internationally recognized frameworks. I learned how to apply risk assessment methodologies, including evaluating threats, vulnerabilities, likelihood, and impact, and how to prioritize risks using tools such as risk matrices. The course also emphasized the importance of risk treatment strategies—such as mitigation, transfer, acceptance, and avoidance—and how these decisions align with broader governance and compliance requirements. This activity directly relates to my coursework in Management Information Systems by reinforcing concepts in cybersecurity, risk management, and enterprise IT governance, while also supporting my career goal of working in a technical or security-focused role where I can contribute to protecting organizational assets and improving decision-making through structured risk analysis.