Instructor for this course

As discussed in the segment titled Cyber Programs and Roles, in today’s tech environment it is critical that organizations be pro-active and prepared when considering cyber risk management.  Because of the size, complexity, and constant evolution of attack vectors there is no one-size-fits-all way to respond. it is essential to begin somewhere to establish a baseline for identifying the critical components that must be incorporated into any cybersecurity risk management approach. 

Multiple risk management frameworks have been introduced including:

  • NIST: National Institute of Standards and Technology (NIST) established by executive order in February 2013.
  • ISO/IEC Security Control Standard: developed by the International Organization for Standardization and the International Electrotechnical Commission 
  • FFIEC Cybersecurity Assessment – developed for Financial institutions by the Federal Financial Institutions Examination Council 
  • SEC/OCIE Cybersecurity Initiative – developed for brokers by the U.S. Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations 
  • FCC Cyber Security Planning Guide – developed by the Federal Communications Commission for small businesses 
  • Although their organization and structures vary, all frameworks attempt to address the same basic functions designed by the NIST Cybersecurity Framework: 
    • Identify
    • Protect
    • Detect
    • Respond
    • Recover


In this course we evaluate several attributes critical to the proper establishment of a cyber risk management program. We delve into the concepts and apply thoughts as to how each component should be evaluated for your organization.  The course utilizes the NIST framework as a guide for application.

Learning Objectives

  • Explore effective cyber frameworks.
  • Identify the National Institute of Standards and Technology (NIST) cyber framework.
  • Evaluate components of the NIST cyber framework and their applicability to any framework.
  • Explore the concept of framework tiers.
  • Explore the concept of framework profiles.
  • Identify steps to implement a framework.
Last updated/reviewed: November 24, 2019

Included In Certifications

This course is included in the following Certification Programs:

13 CoursesCorporate Cyber Security Certification

  1. Cyber Threat – The Modern-Day Fraud: Breaches and Actions
  2. A Primer on Cyber Security Programs and Roles
  3. Cyber Risk Frameworks And Concepts
  4. Cyber Risk Framework - Identify Assets
  5. Cyber Risk Framework - Prioritize Assets
  6. Cyber Risk Framework - Protect Assets
  7. Cyber Risk Framework - Detect Part One
  8. Cyber Risk Framework - Detect Threats Part Two
  9. Cyber Risk Framework - Respond
  10. Cyber Risk Framework - Recover
  11. Cyber Risk Framework - Utilizing The Tier Approach
  12. Fraud and Personal Identity Theft
  13. Fraud and Business Identity Theft

18 Reviews (59 ratings)Reviews

Member's Profile
This course continues to build on the basics established in the first two courses. I like this certification learning plan - I can see my overall understanding of Cybersecurity improving, and the bite-sized sessions enable me to retain the information I’m learning.
Member's Profile
This is my 3rd training class with Lynn Fountain and this is my first entre into Cyber Security which I find fascinating. I'm very pleased that Lynn is teaching this class. She is an excellent instructor.
Member's Profile
It is hard to put these concepts into an overall diagram. It seems like there should be one in the material that interrelates all concepts with hierarchy or that segregates them into separate context.
Member's Profile
An example of the application of the framework would greatly enhance this course, otherwise a useful exposure to the key elements of the NIST standard.
Anonymous Author
This course provides a brief and basic knowledge on Cyber security frameworks, easy for understanding. Recommend for beginners
Anonymous Author
This is a concise but well organized approach to introducing cyber risk management frameworks with a focus on NIST.
Anonymous Author
Great course that covers a great deal about the risk management frameworks with emphasis on NIST. Well done!!!
Anonymous Author
It was easy to understand and gave me an understanding I needed. I will continue to other related courses.
Anonymous Author
I liked how the core was described and the detail in which the sub-categories were explained
Anonymous Author
Very informative course really increased my knowledge of and need for cyber security network.
Anonymous Author
This was a good course. I liked the way the framework was presented and tied together
Member's Profile
This course was very helpful in explaining the cyber risk management framework.
Anonymous Author
The course definitely helped to increase knowledge of cyber security frameworks
Anonymous Author
This instructor is always very good. This course was a nice overview.
Anonymous Author
This is simple explanation of the basic concepts of the NIST framework
Member's Profile
Great view/summary of the NIST framework. Great for beginners.
Anonymous Author
Great comprehensive course for risk managers and auditors.
Anonymous Author
Cyber Risk Frameworks And Concepts is an excellent course.


Course Complexity: Intermediate

No Advanced Preparation or Prerequisites are needed for this course. However, it is recommended to take the other courses in the series prior to completing this one.

Education Provider Information

Illumeo, Inc., 75 East Santa Clara St., Suite 1215, San Jose, CA 95113
For more information regarding this course, including complaint and cancellation policies, please contact our offices at (408) 400- 3993 or send an e-mail to .
Course Syllabus
  4:06Introduction to Cyber Risk Management Frameworks and Concepts
  11:50Effective Framework
  9:15NIST Framework Part One: Core
  13:47Framework Core Functions
  7:17NIST Framework Part Two: Implementation Tiers
  5:36NIST Framework Part Three: Profile
  2:58Framework Implementation
  7:09How to Use the Framework
  1:03:46Cyber Risk Management Frameworks and Concepts
  PDFSlides: Cyber Risk Management Frameworks and Concepts
  PDFCyber Risk Management Frameworks and Concepts Glossary/Index