From the course: Implementing the NIST Risk Management Framework (2020)
Join today to access over 24,000 courses taught by industry experts.
Assessing controls and risk exercise
From the course: Implementing the NIST Risk Management Framework (2020)
Assessing controls and risk exercise
- [Instructor] Now it's your turn to practice assessing an organization's control gaps and potential risks. You can either use the Red30 Tech AEC Case Study provided with this course or use your own organization. For this exercise, use the NIST CSF Risk Template spreadsheet provided with the course. Go through each of the controls and categories listed in column Ds and E, and provide your response for the ability of the company to meet that control and any associated compliance or risk levels. Your exercise, use this spreadsheet for that case study company or your own organization as practice. As needed, reference NIST SP 800-53 and 800-53A for directions on how to meet the control. At this point, you can also provide recommendations on how to fix any control gaps or otherwise remediate risks. For example, in the last audit of user accounts, it was found 20 prior employees for Red30 AEC still had access to…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.