In this course, you will explore several structured, risk management approaches that guide information security decision-making. Course topics include: developing and maintaining risk assessments (RA); developing and maintaining risk management plans (RM); regulatory and legal compliance issues affecting risk plans; developing a control framework for mitigating risks; risk transfer; business continuity and disaster recovery planning from the information security perspective.

Consider upgrading to an enhanced, more rigorous version of this course offered online at the University of Washington. You’ll gain access to meaningful interaction with instructors and additional assignments, readings and multimedia material, as well as earn a valuable University of Washington credential.

Barbara Endicott-Popovsky is the Director for the Center of Information Assurance and Cybersecurity at the University of Washington, designated by the NSA/DHS as a Center for Academic Excellence in Information Assurance Education and Research. She holds a joint faculty appointment with the Information School and the School of Urban Design and Planning--Critical Infrastructure, following a 20-year industry career marked by executive and consulting positions in IT architecture and project management. Her research interests fall under the umbrella of managing/mitigating network risks: deception, governance and network forensic readiness.

https://www.coursera.org/course/inforisk