0b: Understanding an Organization's Risk Environment

Unit#0b Lecture Videos

April 29, 2024 by David Lanter

Watch the Lecture videos in order:

Part 1 Business Context
Part 2 Key Concepts – CIA, Threats-Adversarial
Part 3 Key Concepts – Threats-Accidental, Structural, Environmental
Part 4 Key Concepts – Vulnerabilities and Risk
Part 5 Key Concepts – Risk Assessment, Quantitative Risk Assessment
Part 6 Key Concepts – Risk Management, Mitigation Controls; ISACA RiskIT Framework
Part 7 – Critical Infrastructure and Risk
Part 8 – Risk Management Standards and Frameworks
Part 9 – Risk Management Frameworks (continued), Next Time…

Question 1

April 29, 2024 by David Lanter 33 Comments

Do ITACS students represent information security vulnerabilities to the school, each other, or both?
Explain the nature of the vulnerabilities ITACS students represent in the context(s) you chose?

Question 2

April 29, 2024 by David Lanter 30 Comments

Is information security a technical problem, a business problem that the entire organization must frame and solve, or both? Explain the nature of the problem in the context(s) you chose.

Question 3

April 29, 2024 by David Lanter 32 Comments

Provide an example of a measurement used in quantitative information security risk analysis.
What challenges are involved in calculating such a measurement?