Cyber Risk Management Roles and Responsibilities

Author: Lynn Fountain

CPE Credit:  2 hours for CPAs

Google “cyber risk management jobs”. In today’s world of “the robots are coming for our jobs” you will see an abundance of titles and descriptions. The titles are not the focus. The concept of the need for technical experts beyond our traditional IT personnel is critical. An essential element of any cyber risk management program is properly establishing roles and responsibilities within the organization. Absent this identification, your program is at risk for failure. The NIST cyber risk management framework outlines five activities that comprise a strong cyber program. Those activities include:
• Identify your assets
• Protect your assets
• Detect threats
• Respond to threats
• Recover from threats

Within each activity, the framework highlights the importance of properly identifying and assigning roles and responsibilities to ensure the activities are executed.

With technology such an important aspect of how business is conducted, the players that should be actively involved in a cyber program have expended. When it comes to cyber issues, many may relinquish the responsibilities to the office of the CIO. However, as outlined in various elements of the NIST Cyber Risk Management Framework, organizations must consider the need for assignments and roles beyond the office of the CIO. This course will cover various components of roles and responsibilities within a strong cyber risk management program.

Publication Date: April 2019

Designed For
Information Technology Specialists, Internal auditors, Professionals considering the role of internal audit, Chief Audit Executives, Accountants and Finance professionals, CFOs, CEOs, Legal and Compliance professionals, Board members and Audit Committee members.

Topics Covered

  • The concept of a cybersecurity program
  • Various threats to be managed by individuals within CRM roles
  • Actions professionals and organizations can take towards prevention of cyber incidents
  • Types of cyber risk management roles and critical responsibilities
  • Role categories via the NIST cyber framework
  • Elements of the IT infrastructure that are critical for the various roles to manage
  • Relevant policies, procedures and standards that are critical for professionals executing cyber risk management roles

Learning Objectives

  • Identify the various threats that must be managed by individuals responsible for cyber risk management roles
  • Recognize and explore actions professionals and organizations can take towards prevention of cyber incidents
  • Identify types of cyber risk management roles and critical responsibilities to be executed within various cyber risk management roles
  • Describe elements of the information technology infrastructure that are critical for the various roles to manage
  • Differentiate relevant policies, procedures and standards that are critical for professionals executing cyber risk management roles
  • Identify cyber-physical systems that society relies on
  • Differentiate NIST Framework steps used to take action regarding a detected cybersecurity incident
  • Recognize common policies describes how to account for IT resources and data

Level
Basic

Instructional Method
Self-Study

NASBA Field of Study
Information Technology (2 hours)

Program Prerequisites
None

Advance Preparation
None

Registration Options
Quantity
Fees
Regular Fee $59.00

 Chat — Books Support