Instructor for this course

As discussed in the segment titled Cyber Programs and Roles, in today’s tech environment it is critical that organizations be pro-active and prepared when considering cyber risk management.  Because of the size, complexity, and constant evolution of attack vectors there is no one-size-fits-all way to respond. it is essential to begin somewhere to establish a baseline for identifying the critical components that must be incorporated into any cybersecurity risk management approach. 

Multiple risk management frameworks have been introduced including:

  • NIST: National Institute of Standards and Technology (NIST) established by executive order in February 2013.
  • ISO/IEC Security Control Standard: developed by the International Organization for Standardization and the International Electrotechnical Commission 
  • FFIEC Cybersecurity Assessment – developed for Financial institutions by the Federal Financial Institutions Examination Council 
  • SEC/OCIE Cybersecurity Initiative – developed for brokers by the U.S. Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations 
  • FCC Cyber Security Planning Guide – developed by the Federal Communications Commission for small businesses 
  • Although their organization and structures vary, all frameworks attempt to address the same basic functions designed by the NIST Cybersecurity Framework: 
    • Identify
    • Protect
    • Detect
    • Respond
    • Recover


In this course we evaluate several attributes critical to the proper establishment of a cyber risk management program. We delve into the concepts and apply thoughts as to how each component should be evaluated for your organization.  The course utilizes the NIST framework as a guide for application.

Learning Objectives

  • Explore effective cyber frameworks.
  • Identify the National Institute of Standards and Technology (NIST) cyber framework.
  • Evaluate components of the NIST cyber framework and their applicability to any framework.
  • Explore the concept of framework tiers.
  • Explore the concept of framework profiles.
  • Identify steps to implement a framework.
Last updated/reviewed: June 13, 2021

Included In Certifications

This course is included in the following Certification Programs:

13 CoursesCorporate Cyber Security Certification

  1. Cyber Threat – The Modern-Day Fraud: Breaches and Actions
  2. A Primer on Cyber Security Programs and Roles
  3. Cyber Risk Frameworks And Concepts
  4. Cyber Risk Framework - Identify Assets
  5. Cyber Risk Framework - Prioritize Assets
  6. Cyber Risk Framework - Protect Assets
  7. Cyber Risk Framework - Detect Part One
  8. Cyber Risk Framework - Detect Threats Part Two
  9. Cyber Risk Framework - Respond
  10. Cyber Risk Framework - Recover
  11. Cyber Risk Framework - Utilizing The Tier Approach
  12. Fraud and Personal Identity Theft
  13. Fraud and Business Identity Theft

28 CoursesInternal Audit Certificate

  1. Internal Audit Standards Overview
  2. Internal Audit Standards - Managing Internal Audit Work
  3. Internal Audit Standards - Executing the Audit Engagement
  4. Identifying and Implementing the Proper Balance of Internal Controls
  5. Documentation Methods For Internal Control Processes
  6. Segregation of Duties for Core Business Processes
  7. Foundations for a Strong Internal Audit Department
  8. Internal Audit Management - Top Skills
  9. Internal Audit: Keys to Managing an Effective Function
  10. Understanding Risk-Based Auditing
  11. Risk Based Auditing – Establishing a Methodology
  12. Risk Based Auditing – Applying the Methodology
  13. Cyber Risk Frameworks And Concepts
  14. Information Technology (IT) Risks in Emerging Business Environments
  15. Fraud Risk Assessments
  16. Professional Skepticism - Keys to Maintaining
  17. Introduction to Forensic Accounting
  18. The Fraud Triangle
  19. Internal Audit Effective Relations with the Audit Committee
  20. COSO 2013 Overview
  21. COSO 2013 - Operational Execution
  22. Internal Audit Emerging Risks for 2021 and Beyond - Part 1
  23. Internal Audit Emerging Risks for 2021 and Beyond - Part 2
  24. Internal Audit Emerging Risks for 2021 and Beyond - Part 3
  25. Internal Audit Emerging Risks for 2021 and Beyond - Part 4
  26. Internal Audit Challenges During Times of COVID
  27. Tools for Internal Control Certificate
  28. Lessons of an Auditor- Tools for Internal Control Certificate

25 Reviews (78 ratings)Reviews

Member's Profile
This course continues to build on the basics established in the first two courses. I like this certification learning plan - I can see my overall understanding of Cybersecurity improving, and the bite-sized sessions enable me to retain the information I’m learning.
Member's Profile
This is my 3rd training class with Lynn Fountain and this is my first entre into Cyber Security which I find fascinating. I'm very pleased that Lynn is teaching this class. She is an excellent instructor.
Member's Profile
It is hard to put these concepts into an overall diagram. It seems like there should be one in the material that interrelates all concepts with hierarchy or that segregates them into separate context.
Member's Profile
An example of the application of the framework would greatly enhance this course, otherwise a useful exposure to the key elements of the NIST standard.
Anonymous Author
This course provides a brief and basic knowledge on Cyber security frameworks, easy for understanding. Recommend for beginners
Anonymous Author
This is a concise but well organized approach to introducing cyber risk management frameworks with a focus on NIST.
Anonymous Author
Great course that covers a great deal about the risk management frameworks with emphasis on NIST. Well done!!!
Anonymous Author
It was easy to understand and gave me an understanding I needed. I will continue to other related courses.
Anonymous Author
I liked how the core was described and the detail in which the sub-categories were explained
Anonymous Author
Very informative course really increased my knowledge of and need for cyber security network.
Anonymous Author
Program materials were relevant and contributed to the achievement of the learning objectives
Anonymous Author
This was a good course. I liked the way the framework was presented and tied together
Member's Profile
This course was very helpful in explaining the cyber risk management framework.
Anonymous Author
The course definitely helped to increase knowledge of cyber security frameworks
Anonymous Author
Great course of cyber risk framework and concepts which add value to me
Anonymous Author
Excellent introduction from Lynn Fountain, full of context and insight.
Anonymous Author
This instructor is always very good. This course was a nice overview.
Anonymous Author
This is simple explanation of the basic concepts of the NIST framework
Anonymous Author
Great course, insightful and full of detail which was very helpful!
Member's Profile
Great overview of the NIST cybersecurity framework. Thank you.
Member's Profile
Great view/summary of the NIST framework. Great for beginners.
Anonymous Author
This course provides an understanding of the NIST Framework.
Anonymous Author
Great comprehensive course for risk managers and auditors.
Anonymous Author
Cyber Risk Frameworks And Concepts is an excellent course.
Anonymous Author
The course was informative on cyber security framework.


Course Complexity: Intermediate

No Advanced Preparation or Prerequisites are needed for this course. However, it is recommended to take the other courses in the series prior to completing this one.

Education Provider Information

Illumeo, Inc., 75 East Santa Clara St., Suite 1215, San Jose, CA 95113
For more information regarding this course, including complaint and cancellation policies, please contact our offices at (408) 400- 3993 or send an e-mail to .
Course Syllabus
  4:06Introduction to Cyber Risk Management Frameworks and Concepts
  11:50Effective Framework
  9:15NIST Framework Part One: Core
  13:47Framework Core Functions
  7:17NIST Framework Part Two: Implementation Tiers
  5:36NIST Framework Part Three: Profile
  2:58Framework Implementation
  7:09How to Use the Framework
  1:03:46Cyber Risk Management Frameworks and Concepts
  PDFSlides: Cyber Risk Management Frameworks and Concepts
  PDFCyber Risk Management Frameworks and Concepts Glossary/Index