From the course: IT and Cybersecurity Risk Management Essential Training

Using an IT risk register

- [Instructor] Once you start looking for IT risks, you'll find a lot of them. So you'll need a place to write them down. That place is called a risk register. Neither NIST 800-30 nor 800-39 uses the term risk register, but NIST does define the term inside their Interagency Report number 8286 as a repository of risk information, including the data understood about risks over time. Oddly enough, ISO 31000 doesn't use the term risk register either, but it does state that risks need to be documented. However, ISO Guide 73, which is called Risk Management Vocabulary, does define a risk register to be a record of information about identified risks. Despite this inconsistency among the common standards, we'll use the term risk register, and this lesson will show you how to make one and use one. A typical risk register could contain many data fields, including a risk category to group similar risks, such as system availability or…
