Security is a critical component of the organization’s risk assessment strategy given the average cost to business affected by a data breach in the United States in 2020 amounted to 8.64 million dollars. To stay safe, organizations need to maintain a deep understanding of developing threats and their own security posture. Unfortunately, rarely are the necessary resources dedicated. In this course, you will learn what a security assessment is and about the various components.

This course will take you through a variety of controls you can implement to protect your organization’s assets, brand, and image. We will delve into understanding components of a security assessment to help identify areas of risk. Lastly, we will discuss simple controls that can be implemented, critical monitoring that should be performed, and important training that needs to occur.

Course Key Concepts: Risk Assessment, Security Assessment, Business Continuity, Data Breach, Cybersecurity, Vulnerability Assessment, Risk Assessment, General Controls.

Learning Objectives
  • Identify what is a comprehensive security risk assessment?
  • Recognize the components of a security risk assessment.
  • Discover the security and remediation strategies.
Last updated/reviewed: August 24, 2023

Included In Certifications

This course is included in the following Certification Programs:

10 CoursesInformation Technology Auditor Certification

  1. Understanding Information Technology Governance and the Application of NIST
  2. Performing a Security Risk Assessment
  3. Auditing Data Security IT Computer Controls
  4. Auditing Third Party Service Providers and Cloud Environments
  5. Auditing Automated Business and Financial Transaction Processes
  6. Auditing Logical Security and Logical Access Controls
  7. Auditing Change Management
  8. Auditing the Network
  9. The Importance of Incident Response, Disaster Recovery and Business Continuity Planning
  10. Information Technology Audit Summary
5 Reviews (19 ratings)


Member's Profile
Good overview of the considerations in a risk assessment. Interesting to note that several of the highly publicized data breaches were actually breaches of 3rd party vendors being utilized.

Anonymous Author
This course teaches a number of great concepts that are used in risk assessments of information technology systems and organizations.

Anonymous Author
An interesting and refresher course. Nothing surprised me. This training will be most beneficial to performance auditors.

Anonymous Author
good buildup of the key components of a security risk assessment. key roles and employees to be included was useful

Anonymous Author
The material was summarized and not so technical that a non-IT person could follow along and understand.

Course Complexity: Foundational

No advanced preparation or prerequisites are required for this course.

Education Provider Information
Company: Illumeo, Inc., 75 East Santa Clara St., Suite 1215, San Jose, CA 95113
Contact: For more information regarding this course, including complaint and cancellation policies, please contact our offices at (408) 400- 3993 or send an e-mail to .
Instructor for this course
Course Syllabus
  Introduction to Performing a Security Risk Assessment3:49
  What is Security Risk Assessment?7:56
  Steps of a Security Risk Assessment15:59
  Why Do I Need a Security Risk Assessment4:14
  Benefits of a Security Risk Assessment8:15
  Easy Steps to Prepare for a Security Risk Assessment14:03
  Understanding the Overall Risk Evaluation2:58
  Performing a Security Risk Assessment57:14
  Slides: Performing a Security Risk AssessmentPDF
  Performing a Security Risk Assessment Glossary/ IndexPDF