Cybersecurity Risk Management



 Course Access:
30-day course access from date of purchase

Self-study, self-paced

Jennifer Bayuk, Ph.D., CISA, CISM, CGEIT

90 minutes 


About This Course

This course covers the professional practice of cybersecurity risk management considered from the perspective of enterprise governance. It encompasses cybersecurity risk identification, classification, measurement, remediation, monitoring and reporting. Concepts are explained with examples and illustrations to accelerate the learning process.

Connections are made between established risk management principles and attributes of risk unique to cybersecurity. Participants are expected to have some level of experience in risk management principles and practices, but deep expertise in risk management is not required. Participants are not expected to have technology expertise but may expect to develop capability for critical thinking with respect to technology.

The course enhances the awareness of participants at all levels on how to leverage their own experience to develop their understanding of the field of cybersecurity risk management.   

Learning Objectives

The overall objective is to enable and empower risk professionals to confidently, efficiently, and effectively contribute to cybersecurity risk management programs.

Specific skills that will be taught in this course include how to:

  • Recognize and examine cybersecurity risk frameworks
  • Plan and execute cybersecurity scenario analysis
  • Summarize cybersecurity governance structures
  • Select and interpret cybersecurity risk indicators

Lesson 1: Cybersecurity Risk Frameworks

  • Industry
  • Regulatory
  • Enterprise

Lesson 2: Cyber Scenario Analysis

  • Threat Actors
  • Security Operations
  • Event Categories
  • Loss Calculation

Lesson 3: Technology Controls

  • Roles and Responsibilities
  • Governance Processes

Lesson 4: Cybersecurity Risk Metrics

  • Key Cyber Risk Indicators
  • Cybersecurity Risk Appetite and Tolerance

About Our Expert


Jennifer L. Bayuk is a cybersecurity due diligence expert. She has been a Global Financial Services Technology Risk Management Officer, a Wall Street Chief Information Security Officer, a Big 4 Information Risk Management Consultant, a Manager of Information Technology Internal Audit, a Security Architect, a Bell Labs Security Software Engineer, a Professor of Systems Security Engineering, and a Private Cybersecurity Investigator and Expert Witness. She is currently developing cybersecurity frameworks with Decision Framework Systems, Inc. and consulting with TAG-Cyber.

Bayuk has numerous publications on information security management, information technology risk management, information security tools and techniques, cybersecurity forensics, technology-related privacy issues, audit of physical and information systems, security awareness education, and systems security metrics. She is the author of: Stepping through the IS Audit, Stepping through the InfoSec Program, Enterprise Security for the Executive, and author/editor of: Cyberforensics, Cybersecurity Policy Guidebook, Enterprise Information Security and Privacy, and Financial Cybersecurity Risk Management.

Bayuk’s direct technology experience spans enterprise architecture, telecommunications networks, operating systems, database management systems, network management systems, application development and support, technology forensics, business continuity, and operations process. She has master's degrees in Computer Science and Philosophy, and a PhD in Systems Engineering. Her certifications include CISSP, CISA, CISM, CGEIT, and a NJ State Private Investigator's License.

Continued Risk Learning Credits: 1

PRMIA Continued Risk Learning (CRL) programs provide you with the opportunity to formally recognize your professional development, documenting your evolution as a risk professional. Employers can see that you are not static, making you a highly valued, dynamic, and desirable employee. The CRL program is open to all Contributing, Sustaining, and Risk Leader members, providing a convenient and easily accessible way to submit, manage, track and document your activities online through the PRMIA CRL Center. To request CRL credits, please email [email protected].

Membership Type    Price
Members            $169.00
Non-Members        $199.00


Course access is for 30 days from date of purchase. Please complete the course within 30 days. If additional time is required, repurchase is necessary. 

If this is your first time accessing the PRMIA website you will need to create a short user profile to register. Save on registration by becoming a member.





For technical issues regarding course access, contact [email protected]
