Siva Priya
Fast Track
Duration Time
75 Hours (19 Days)


The selection and specification of security controls for a system is accomplished as part of an organization-wide information security program that involves the management of organizational risk---that is, the risk to the organization or to individuals associated with the operation of a system. The management of organizational risk is a key element in the organization's information security program and provides an effective framework for selecting the appropriate security controls for a system-the security controls necessary to protect individuals and the operations and assets of the organization.

The Risk Management Framework provides a process that integrates security and risk management activities into the system development life cycle. The risk-based approach to security control selection and specification considers effectiveness, efficiency, and constraints due to applicable laws, directives, Executive Orders, policies, standards, or regulations. The following activities related to managing organizational risk are paramount to an effective information security program and can be applied to both new and legacy systems within the context of the system development life cycle and the Federal Enterprise Architecture

Key Features

20 hours of high quality eLearning content
3 case studies
106 real world examples from various industries
Education with new technologies
Achievements in work
2 Glossaries for difficult terms & acronyms


3 case studies
Participation Certificate


Foundations of Enterprise Risk Management (ERM) 45 min
Understanding Enterprise Risk Management 45 min
Hallmarks of ERM 55 min
ERM five step process overview 2 hours
ERM contexts: Strategic risk management, project risk management, operational risk management 60 min
Enterprise Risk Management Process 75 min
Risk management and the role of the Board and senior management 75 min