IT / Information Security Risk Management With Examples
This lecture is the part one of series for the IT / Information Security Risk Management.
The video is good for students preparing for exams and interviews.
The video covers the following topics:
- Risk Management
- Risk Assessment
- Risk Treatment
- Asset / Process Based Risk Assessment
- Qualitative, Quantitative and Semi Quantitative Risk Assessment / Management;
- And the definitions to understand these areas.
Пікірлер: 76
Watching it again and it even got better!
Thank you, extremely helpful
Nice initiative Ali.. 👍😇
Excellent job!! You are great!
@aliqureshi2227
Ай бұрын
Thank you very much!
Thank you for your time and effort at creating this. Good job. Keep it up. I learned something new too.
@aliqureshi2227
3 жыл бұрын
Thank you very much. I really appreciate it.
You put everything in order and the explanation was so comprehensive
@aliqureshi2227
10 ай бұрын
Thank you very much for your kind feedback
Excellent content for beginners. Thank you for your effort
@aliqureshi2227
2 жыл бұрын
Thank you very much Adil.
I’m an info sec risk analyst for my bank. This is great resource!!
@aliqureshi2227
11 ай бұрын
Thank you very much. Really appreciate it!
Excellent delivery. Thank you.
@aliqureshi2227
3 жыл бұрын
Thank you very much Kester. I really appreciate it.
I will be joining as a Information Security Risk Analyst next month. This will help me prepare. Thank you.
@aliqureshi2227
2 жыл бұрын
It definitely will. Do let me know on what other topics you would like to hear me on.
One of the excellent and crisp explanations that I have seen so far. Thank You so much!
@aliqureshi2227
Жыл бұрын
Thank you @ramganesh
Very easy understanding. Thanks for such working.
@aliqureshi2227
2 жыл бұрын
Thank you very much Javed! Really appreciate it.
Wow…. Great explanation and well organized. 👏👏👏
@aliqureshi2227
Жыл бұрын
Thank you very much Asanka!
Great information Ali. I like how you structure and explained the concepts. Keep up the good work!
@aliqureshi2227
11 ай бұрын
Thank you very much!
Here are the learning outcomes for anyone who needs them (they're all listed at 27:59) What is Risk? Why do we need risk management What is risk management? What is risk assessment? What is risk treatment? What is likelihood, impact, inherent and residual risk? Difference between threat, vulnerability and risk. Difference between asset owner and asset custodian. Difference between risk management and risk assessment. Difference between quantitative, qualitative, and semi-quantitative risk management. The Risk Management Process.
Very concise and informative.
@aliqureshi2227
3 жыл бұрын
Thank you very much Kaleem!
It was informative, Ali! Thanks for the video
@aliqureshi2227
2 жыл бұрын
Thank you very much Ahmed. Really appreciate it.
This is a great overview.
@aliqureshi2227
Жыл бұрын
Thank you
Quite helpful and interesting, thank you
@aliqureshi2227
Жыл бұрын
Thank you very much Mamta!
very good work..appreciate it
@aliqureshi2227
2 жыл бұрын
Thanks Rohit
Very good content. Thanks for sharing this
@aliqureshi2227
Жыл бұрын
Thank you for your feedback @mayankraj2806. Really appreciate it
Keep up the good work ❤️
@aliqureshi2227
3 жыл бұрын
Thank you Ziyad!
Hi Ali Would be very helpful if you can provide a link to the actual slide deck itself. Great video! Thanks for the explanation!
Excellent Mr Ali!!
@aliqureshi2227
9 ай бұрын
Thank you very much Ram!
Good one.
@aliqureshi2227
3 жыл бұрын
Thank you!
👌🏻❤
Thank you
@aliqureshi2227
8 ай бұрын
You're welcome Jason.
good video, Thank you! but need to learn, how to implement this as well :)
@aliqureshi2227
7 ай бұрын
Thank you and best of luck ☺️
Nice !
@aliqureshi2227
2 жыл бұрын
Thanks 🙏
An excellent way of teaching. Thanks. In video while defining, residual risk = inherent risk - control value However, in overview of risk management process, residual risk = inherent risk divided by control value Which one is right?
@aliqureshi2227
2 жыл бұрын
Thank you very much. I would recommend to use division as it leads to a reasonable residual risk value.
Thanks for the session , I guess in 18:01 , it should be NIST SP 800-30 in place of NIST SP 800-50 .
@aliqureshi2227
3 жыл бұрын
Thank you! and Absolutely. Apologies from my end. Will manage the rectification.
Thank you very much for this video. It came very handy. Would you be able to recommend the academic journals within IT Security Risk Assessment that I could refer to for my literature review? That will be much appreciated.
@aliqureshi2227
3 жыл бұрын
Hi Phathiswa! Thank you for your kind words. It was encouraging. My apologies, I am no aware about any specific academic journals within the domain. But you can always refer to standardizing bodies and international platforms like SANS for the same.
@phathiswabam2630
3 жыл бұрын
@@aliqureshi2227 so much appreciated Ali. I found something I could use by U Kumar plus the standards. Have a blessed new year 🙏
Great
@aliqureshi2227
Жыл бұрын
Thank you
Are we not considering the process value/asset value for risk score calculation?
@aliqureshi2227
10 ай бұрын
Thank you very much for bringing this up. Yes, in this video the asset valuation is not discussed in specific however, theoretically just in the context of this content, consider it be part of asset identification.
Thank you for the informative information. Do you have a default template to use?
@aliqureshi2227
Жыл бұрын
Thanks Tausef. Unfortunately, no.
Hello, i will a writing assignment about information security, security risks, security control, and the application of risk control and risk measures. So, can you help me like you make video as well as notes on it. Please help me.
If u a notes please send it
What is the meaning of waiver and Derogation? in risk treatment.
@aliqureshi2227
6 ай бұрын
Waiver and derogation are just literal jargon. Both of them are related to risk acceptance. Waiver is where management allows you to allow a particular risk open as untreated. Same story is with derogation. The real deal is that what constitutes such waivers and derogation? - If the risk levels are low? If risk likelihood is high but impact is low? Or the benefit realized from a particular thing is far greater in value than the impact of the risk?
@16:45
@aliqureshi2227
3 жыл бұрын
I am sorry. Can you please translate that in to English if that is a question?
@TVVDINAKARAN
3 жыл бұрын
@@aliqureshi2227 Oops sorry mate i marked the timeline for my purpose So that i can resume the video later from where i left it off
@aliqureshi2227
3 жыл бұрын
@@TVVDINAKARAN No problem! :)
انت مين
النبي عربي ياعلوه