Innovative Risk Management with NIST Enriched Methodology, is a systematic process that includes the formulation of the risks faced by a company, their analysis, their classification according to rational criteria, the assessment of the probability of the risks occurring, the analysis of the consequences that will occur (in terms of customers, partners, staff, institutional framework, reputation, etc.). The result of this process is the ” Illustration ” of the consequences should the risk materialize and the ” Illustration ” of risks and consequences from language into numerical form to create the “Risk Matrix” of the Business. This will lead the business to explore proactive measures to reduce either the likelihood or consequences and mitigation plans for risks greater than an acceptable numerical threshold. At the same time, it will assist the Firm in selecting countermeasures that are consistent with the value of the resources they will protect, and in prioritizing the implementation of those countermeasures.
In the NIST methodology, the analysis of risks is done at more than one level – taxonomy levels (compared to other methodologies that analyze at only one level – flat analysis) and, in addition, the analysis of both the probability of the risks occurring and the consequences they will cause are synthesized in a multifactorial way through functions (not in a flat way, where the probability consists of only one component, but by defining through functions the components that make up the probability – the same is followed for the consequences). Therefore, in this way the company knows a) what it is at risk of, b) in which cases it is at risk, c) to what extent it is at risk per case, d) for each risk the consequences that are likely to occur and based on all this to prepare the mitigation or response planning and measures.
The training program is ideal for:
- Business managers
- Managers with decision making responsibilities related to the management of organizational or technological risks, such as, but not limited to, Directorates or Departments: Operations, Projects (or new projects), Planning, Production, Research and Development, Information Technology or Computerization, Human Resources (the name may vary by company)
- Executives directly involved in proposing and/or making risk management decisions such as Data Protection Officers (DPOs), Risk Management Systems Officers, Information Security or Health and Safety Officers and internal auditors of similar systems
Our experienced Instructor Kyriakos Demetriou will provide all the necessary information and knowledge to the participants.
If you are interested in the specific subsidized training program, contact us
