Cyber Security: GRC Part 2 - Risk Management and Compliance
This course is part of Cyber Security: Essentials for Governance, Risk & Compliance Specialization
Instructor: Matt Bushby
What you'll learn
Design and implement effective governance models, including risk management structures and the Three Lines of Defence.
Craft a cyber security strategy aligned to business goals, integrating established frameworks including NIST, CIS, and ISO 27001.
Assess and quantify organisational cyber risks using both qualitative and quantitative methodologies.
Lead high-stakes decision-making during real-time cyber incidents, drawing on playbooks and threat intelligence.
Skills you'll gain
- Cyber Risk
- Business Risk Management
- Cyber Security Strategy
- Cyber Security Policies
- Cyber Threat Intelligence
- Risk Management
- Threat Management
- Security Management
- Risk Analysis
- Security Strategy
- Risk Mitigation
- Crisis Management
- Strategic Leadership
- Governance Risk Management and Compliance
- Risk Modeling
- Cybersecurity
- Cyber Security Assessment
Details to know
5 assignments
There are 5 modules in this course
Watch our course introduction video before you enroll (copy and paste into browser): https://vimeo.com/1176025088
Cyber security is no longer just a technical challenge; it's a boardroom responsibility. This course is designed for senior professionals, managers, and rising cyber leaders who need more than technical knowledge. You'll develop the strategic foresight, governance capability, and decisive leadership required to protect your organisation at the highest level. Think of it as your executive playbook for navigating the complexities of modern cyber security management, from setting strategy to leading through a live crisis. A foundational understanding of cyber security concepts and business operations is recommended.
This module covers how to design and assess a cybersecurity strategy aligned with business goals and critical asset protection. You will learn core principles such as the CIA Triad, along with key concepts including risks, threats, and vulnerabilities in today's cyber landscape. It explores how to evaluate threat environments, define cyber risk tolerance, and benchmark maturity using frameworks like NIST, ISO 27001, and CIS Controls. The module also examines how to embed cybersecurity into enterprise strategy and culture as a strategic enabler. By the end, learners will be able to develop a tailored cybersecurity strategy, assess cyber maturity, and align security decisions with organisational priorities.
What's included
1 video, 1 assignment, 10 plugins
1 video • Total 1 minute
- Module 1: Introduction Video • 1 minute
1 assignment • Total 15 minutes
- End of module quiz • 15 minutes
10 plugins • Total 106 minutes
- Overview • 5 minutes
- Introduction • 5 minutes
- The CIA Triad • 15 minutes
- Key frameworks and terminology • 15 minutes
- Risks, threats and vulnerabilities • 15 minutes
- Introduction to cyber security strategy • 15 minutes
- Cyber security and business strategy alignment • 15 minutes
- Career inspiration • 15 minutes
- Summary • 5 minutes
- References • 1 minute
This module covers cyber security governance, emphasizing executive oversight and accountability for managing cyber risk. You will learn key governance models, including the Three Lines of Defence, and examine senior management responsibilities. Explore global frameworks like NIST CSF, NIST SP 800-53, and CIS Controls to define and evaluate cyber programs. By the end, you will demonstrate how governance guides risk management and embeds cyber security as an organizational responsibility. Focus on framework application for success.
What's included
1 video, 1 assignment, 14 plugins
1 video • Total 1 minute
- Module 2: Introduction Video • 1 minute
1 assignment • Total 15 minutes
- End of module quiz • 15 minutes
14 plugins • Total 171 minutes
- Overview • 5 minutes
- Introduction • 10 minutes
- Why is a cyber security framework important? • 15 minutes
- Risk management framework • 15 minutes
- Introduction to program frameworks • 15 minutes
- NIST cyber security framework (CSF) • 15 minutes
- Control objectives • 15 minutes
- NIST SP 800-53 overview • 15 minutes
- NIST SP 800-53 control categories • 15 minutes
- The Center for Internet Security (CIS) framework • 15 minutes
- CIS critical security controls • 15 minutes
- Critical security controls self assessment tool • 15 minutes
- Summary • 5 minutes
- References • 1 minute
This module focuses on leading cyber risk management, balancing security controls with business priorities. Building on governance, you will explore cyber risk concepts like threat modeling, asset classification, and risk tolerance. Learn structured risk assessment processes to identify vulnerabilities, assess impact, and prioritize mitigation. Understand how risk management cascades from policy to operations, reinforcing the Three Lines of Defence model. By the end, you will contribute to cyber risk discussions and embed risk-informed thinking into cyber strategy. For success, apply risk assessment methods to real scenarios.
What's included
1 video, 1 assignment, 9 plugins
1 video • Total 1 minute
- Module 3: Introduction Video • 1 minute
1 assignment • Total 15 minutes
- End of module summary • 15 minutes
9 plugins • Total 86 minutes
- Overview • 5 minutes
- Introduction • 5 minutes
- Elements of cyber corporate governance • 15 minutes
- Structure of cyber security governance • 15 minutes
- Senior executives and cyber security • 15 minutes
- The Three Lines of Defence model (3LOD) • 15 minutes
- Industry interview • 10 minutes
- Summary • 5 minutes
- References • 1 minute
This module focuses on quantifying cyber risks for evidence-based decision-making. You will learn to prioritize investments and remediation by exploring qualitative and quantitative assessment models, including FAIR and NIST frameworks. Understand how to calculate risk likelihood, impact, and exposure in financial and operational terms. By the end, you will assess organizational risk posture, compare data-driven remediation options, and communicate cyber risk in terms that resonate with stakeholders from executives to regulators. Practice applying quantification models to gain confidence.
What's included
1 video, 1 assignment, 11 plugins
1 video • Total 1 minute
- Module 4: Introduction Video • 1 minute
1 assignment • Total 15 minutes
- End of module quiz • 15 minutes
11 plugins • Total 121 minutes
- Overview • 5 minutes
- Introduction • 5 minutes
- Risk management concepts • 15 minutes
- Types of risk assessment • 15 minutes
- Qualitative risk assessments • 15 minutes
- Quantitative risk assessments • 15 minutes
- Responding to risks • 15 minutes
- Control selection and implementation • 15 minutes
- Risk maturity modelling • 15 minutes
- Summary • 5 minutes
- References • 1 minute
This module prepares senior leaders to manage cyber crises with confidence. You will explore cyber attack evolution, real-world case studies, and the cyber kill chain. Focus on the senior management role in preparation and response, including time-critical decision-making and stakeholder communication. Understand how cyber resilience is a leadership responsibility, integrating risk management and strategic foresight. By the end, you will develop leadership-aligned response strategies and build a resilient organizational culture. To maximize learning, consider current organizational incident response plans.
What's included
1 video, 1 reading, 1 assignment, 10 plugins
1 video • Total 1 minute
- Module 5: Introduction Video • 1 minute
1 reading • Total 5 minutes
- Congratulations and next steps • 5 minutes
1 assignment • Total 15 minutes
- End of module quiz • 15 minutes
10 plugins • Total 106 minutes
- Overview • 5 minutes
- Introduction • 5 minutes
- The evolution of cyber attacks • 15 minutes
- The cyber risk landscape • 15 minutes
- Understanding the internal user • 15 minutes
- Motivation of attackers • 15 minutes
- Cyber kill chain • 15 minutes
- The responsibility of senior management • 15 minutes
- Summary • 5 minutes
- References • 1 minute
Frequently asked questions
Cyber risk management involves identifying, assessing, and mitigating cyber threats to protect business assets. This course covers strategies for effective cyber risk management and compliance.
Cyber governance aligns security practices with business goals, ensuring leadership oversight and accountability. This course teaches how to integrate governance frameworks for strategic security.
This course covers key compliance frameworks like NIST, CIS, and ISO 27001. You will learn to apply these for cyber security assessment and policy development.
