Module 7: Risk Assessments
Description
This module introduces risk assessment processes and the types of assessments available. Download the Department of Homeland Security (DHS) CSET tool that was introduced in Module 6. Install it and use it to perform a Cybersecurity Framework Critical Infrastructure Risk Assessment.
Objectives
| # | Revised Bloom’s Taxonomy | Objective | Slide # | Act. 1 | Team Act | Assess Ques # |
|---|---|---|---|---|---|---|
| 7.1 | Understand | Identify the different risk assessment frameworks. | 3 – 8 | 1, 2, 3, 4 | ||
| 7.2 | Understand | Discuss Supply Chain Risk Management (SCRM) principles. | 10-14 | 5 | ||
| 7.3 | Understand | Explain how regulatory requirements are used in determining additional items to review in a risk assessment. | 19-21 | 6 | ||
| 7.4 | Apply | Demonstrate an understanding of the CSET tool risk assessment functions. | X | X | ||
| 7.5 | Apply | Apply the CSET tool to an IT general risk assessment. | X | X | ||
| 7.6 | Apply | Develop a report using CSET. | X | X | ||
| 7.7 | Apply | Apply the standard available in the CSET tool to an IT general risk assessment. | X | X |
