Cyber Risk Management

Develop cyber risk assessment and treatment techniques that can effectively pre-empt and identify significant security loopholes and weaknesses, demonstrate the business risks associated with these loopholes, and provide risk treatment and prioritisation strategies to effectively address the cyber-related risks, threats and vulnerabilities identified, ensuring appropriate levels of protection, confidentiality, integrity and privacy in alignment with the security framework

Type

Domain

Competency Area

Governance and Compliance

Levels

Develop and roll out cyber risk assessment techniques

Develop cyber risk assessment techniques to identify security loopholes and weaknesses in the business

Design cyber risk assessments by consolidating insights from the business and various functions

Identify cyber security risks, threats and vulnerabilities, and their

Develop strategies to address cyber security loopholes

Guide the development of cyber risk assessment techniques

Pre-empt risks, vulnerabilities and threats across organisation policies, processes and defences

Evaluate effectiveness of current cyber risk assessment techniques

Direct improvements or modifications to vulnerability assessment techniques in view of impact on the organisation

Identify possible treatments for cyber risks, threats and vulnerabilities identified

Implement endorsed treatment and measures to address security gaps

Evaluate the readiness and robustness

Establish the organisation's position and strategy for assessing and managing cyber risk

Determine security testing policies and authorise the management of all testing activities within the organisation

Articulate implications of potential cyber threats on requirements of organisational readiness emerging security risks and threats

Lead the implementation of cyber risk assessment activities throughout the organisation, ensuring alignment with the organisation's policies and principles

Analyse cybersecurity loopholes identified and project business risk and impact to the organisation

Evaluate options and decide on suitable treatment of cyber risks, threats and vulnerabilities

Develop strategies to address loopholes and ensure appropriate levels of protection, confidentiality, integrity and personal data protection