
Cyber Risk Framework – Utilizing The Tier Approach
Cyber risk is one of the top business risks today. Information technology continues to evolve and cyber risk continues to escalate. It is important that all individuals understand the basics of cyber risk and threats. In addition, organizations must learn to develop effective cyber risk programs and appropriately measure cyber risk.
This course is complementary to courses on:
- Cyber risk management frameworks
- Cyber programs and roles
- Cyber breaches and actions
As discussed in the segment on cyber risk management frameworks, multiple risk management frameworks exist and can be effectively utilized by organizations to establish their cyber programs. These learning segments use the National Institute of Standards and Technology (NIST) Framework, established by executive order in February 2013, as a template for understanding the various components that should be assessed in relation to cyber risk. This course delves into the process of assessing risk management status utilizing the tier concept.
The NIST framework introduces the concept of tiers. Tiers are utilized to help an organization determine its current cyber risk management status. Tiers can also be used when determining the desired risk management status. The tier concept and its execution can be compared to the maturity model concept utilized in Enterprise Risk Management (ERM). However, the tiers are NOT representative of maturity level. The manner or process utilized for the organization to determine its tier level can be similar to an ERM maturity assessment.
Regardless of the specific framework chosen to follow for a risk management program, the tier concept can be an effective addition to any cyber risk management program.
All training programs related to cyber security by this trainer use the framework of the National Institute of Standards and Technology (NIST) as a model. This information is freely available in the public domain. For more detailed information on the framework, please refer to NIST.org.