12. Risk Management

Label KSAC Description Bloom's Taxonomy Level Cross-Cutting
a Describe the concepts of Risk Management (e.g., Business continuity concepts, Business impact analysis, Identification of critical systems and components, Removing single points of failure). knowledge 2
b Describe the concepts of Risk assessment (e.g., Disaster recovery plan, IT contingency planning - Succession planning, Redundancy). knowledge 2
c Describe and plan Fault tolerance (e.g., Hardware, RAID, Clustering, Load balancing, Disaster recovery concepts, Backup plans/policies, Backup execution/frequency). skill 3
d Describe popular methodologies used in industry to manage risk, including Governance, Risk and Compliance (GRC) processes. knowledge 2
e Identify concepts of risk calculation (Likelihood, ALE, Impact, SLE, ARO, MTTR, MTTF, MTBF). knowledge 2
f Understand Governance, risk management and Compliance Management processes (risk mitigation, govern compliance). knowledge 2
g Apply certification and accreditation. skill 4
h Apply audit and compliance. skill 5
i Identify compliance with regulations and guidelines and how it varies from government to different industries (e.g., healthcare). knowledge 2
j Explain how cybersecurity incidents affect a business continuity plan. knowledge 2
k Apply risk assessment techniques to identify, assess, and prioritize risk factors for information assets, including concepts related to threat vectors and probability/threat likelihood. skill 3
l Describe cybersecurity risk in relation to business risk. knowledge 2



