In this video, learn about qualitative and quantitative risk analysis methods.
- [Instructor] Risk determination is conducted through…performance of a formal risk analysis.…During this analysis, there are two different ways…to measure risk, qualitatively and quantitatively.…Qualitative risk analysis uses intuition, experience…and other best practices to assign non-numeric values…to a given risk.…These non-numeric values could be low, medium, high,…and critical, or any other desired categorization system.…The best practices include using techniques to measure…risk such as brainstorming sessions, focus groups,…surveys, interviews and estimation of likelihood…of the event occurring using the Delphi method.…
When conducting qualitative risk analysis,…it is important that the team has the required experience…and education on the threats being analyzed,…because this is a highly subjective process.…The analysts must use their experience to rank…the threats based on a proposed impact severity,…loss potential and likelihood of occurrence.…The biggest downside when using qualitative risk analysis…
Author
Jason Dion
Released
4/5/2018- Risk mitigation strategies and controls
- Data security classification
- Extreme scenario and worst-case scenario planning
- Risk management of new products, technologies, and user behaviors
- Business models and strategies
- Third-party outsourcing and security
- Integrating diverse industries
- Security, privacy policies, and procedures in risk management
- Metrics collection and analysis
- Analyzing security solutions
Skill Level Advanced
Duration
Views
-
Introduction
-
Welcome1m 11s
-
What you should know1m 10s
-
About the exam1m 43s
-
Risk management fundamentals3m 39s
-
-
1. Risk Mitigation Strategies and Controls (Obj. 1.3)
-
The CIA triad3m 45s
-
Data security classification2m 40s
-
Access control categories2m 34s
-
Access control types2m 1s
-
The aggregate CIA score3m 23s
-
Risk determination2m 4s
-
Magnitude of impact3m 13s
-
Likelihood of threat2m 48s
-
Return on investment5m 5s
-
Total cost of ownership1m 43s
-
Risk management stratgies2m 51s
-
Risk management process4m 2s
-
IT governance4m 45s
-
-
2. Business and Industry Influences and Associated Security Risks (Obj. 1.1)
-
Partnerships1m 10s
-
Outsourcing1m 55s
-
Cloud2m 20s
-
De-perimeterization3m 38s
-
3. Security, Privacy Policies, and Procedures in Risk Management (Obj. 1.2)
-
Business Impact Analysis5m 19s
-
Memorandum of Understanding1m 27s
-
Non-Disclosure Agreement1m 3s
-
Master service agreement1m 1s
-
Privacy considerations1m 39s
-
Separation of duties1m 52s
-
Least privilege1m 50s
-
Incident response4m 57s
-
Digital forensics1m 47s
-
Continuous monitoring1m 32s
-
User training and awareness2m 30s
-
4. Measurements and Metrics in Risk Management (Obj. 1.4)
-
Benchmarks and baselines1m 42s
-
Cost benefit analysis1m 12s
-
Reviewing security controls1m 25s
-
-
Conclusion
-
Next steps1m
-
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.
CancelTake notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Risk determination