IAS5030 Identifying and Managing Risk

Learners identify common information security risk analysis methodologies, their characteristics, pros and cons, and applications. Learners examine the sources of risk, including external malicious attackers, intentional and accidental attacks by internal users, and threats from environmental and structural sources. Learners also identify vulnerabilities in hardware, software, locations, and procedures that provide an opening to attackers and create risk to organizations. Learners demonstrate risk assessment techniques through hands-on application of software vulnerability testing tools.