Explore KSACs by Pathway
Explore Knowledge, Skills, Abilities, and Credentials (KSACs) by IT Pathway.
12. Risk Management
Label | KSAC Description | Bloom's Taxonomy Level | Cross-Cutting | |
---|---|---|---|---|
a | Describe the concepts of Risk Management (e.g., Business continuity concepts, Business impact analysis, Identification of critical systems and components, Removing single points of failure). | knowledge | 2 | |
b | Describe the concepts of Risk assessment (e.g., Disaster recovery plan, IT contingency planning - Succession planning, Redundancy). | knowledge | 2 | |
c | Describe and plan Fault tolerance (e.g., Hardware, RAID, Clustering, Load balancing, Disaster recovery concepts, Backup plans/policies, Backup execution/frequency). | skill | 3 | |
d | Describe popular methodologies used in industry to manage risk, including Governance, Risk and Compliance (GRC) processes. | knowledge | 2 | |
e | Identify concepts of risk calculation (Likelihood, ALE, Impact, SLE, ARO, MTTR, MTTF, MTBF). | knowledge | 2 | |
f | Understand Governance, risk management and Compliance Management processes (risk mitigation, govern compliance). | knowledge | 2 | |
g | Apply certification and accreditation. | skill | 4 | |
h | Apply audit and compliance. | skill | 5 | |
i | Identify compliance with regulations and guidelines and how it varies from government to different industries (e.g., healthcare) | knowledge | 2 | |
j | Explain how cybersecurity incidents affect a business continuity plan. | knowledge | 2 | |
k | Apply risk assessment techniques to identify, assess, and prioritize risk factors for information assets concepts related to threat vectors and probability/threat likelihood | skill | 3 | |
l | Describe cybersecurity risk in relation to business risk | knowledge | 2 | |
Credentials
Entry
- Security+
- Network+
- Cloud+
- CEH
- GSEC
- CAP
Mid-level
- CCNA
- CYSA+
Advanced
- CASP
- CISSP
- CISA
- CISM
- CRISC
- CCSP