Security and Risk Management and Planning: Lesson Plans
This chapter covers risk management and planning associated with information security. The focus is on incident responses, disaster recovery, and business continuity. The chapter explains risks, strategies, communication, and organization policies for managing security and risk for an organization. Students will utilize tools to identify and manage security risks. From a knowledge standpoint, we will review risk tolerance, processes for managing risks, impact of risks, security incidents, review disaster recovery planning processes, risk responses, tools for tracking risks, and risk metrics. As part of skills for the chapter, we will review the process for creating incident response plans, disaster recovery plans, risk models, and risk assessments. The application component of this chapter will focus on developing a risk assessment, security awareness plan, and impact assessment plan.