Cyber Risk Management
Develop cyber risk assessment and treatment techniques that can effectively pre-empt and identify significant security loopholes and weaknesses, demonstrate the business risks associated with these loopholes, and provide risk treatment and prioritisation strategies that effectively address the cyber-related risks, threats and vulnerabilities identified, ensuring appropriate levels of protection, confidentiality, integrity and privacy in alignment with the security framework
Type
Domain
Competency Area
Governance and Compliance
Levels
Develop and roll out cyber risk assessment techniques
Develop cyber risk assessment techniques to identify security loopholes and weaknesses in the business
Design cyber risk assessments by consolidating insights from the business and various functions
Identify cyber security risks, threats and vulnerabilities, and their
Develop strategies to address cyber security loopholes
Guide the development of cyber risk assessment techniques
Pre-empt risks, vulnerabilities and threats across organisation policies, processes and defences
Evaluate effectiveness of current cyber risk assessment techniques
Direct improvements or modifications to vulnerability assessment techniques in view of impact on the organisation
Identify possible treatments for cyber risks, threats and vulnerabilities identified
Implement endorsed treatment and measures to address security gaps
Evaluate the readiness and robustness
Establish organisation's position and strategy for assessing and managing cyber risk
Determine security testing policies and authorise the management of all testing activities within the organisation
Articulate implications of potential cyber threats on requirements of organisational readiness emerging security risks and threats
Lead the implementation of cyber risk assessment activities throughout the organisation, ensuring alignment with the organisation's policies and principles
Analyse cybersecurity loopholes identified and project business risk and impact to the organisation
Evaluate options and decide on suitable treatment of cyber risks, threats and vulnerabilities
Develop strategies to address loopholes and ensure appropriate levels of protection, confidentiality, integrity and personal data protection