MGT415: A Practical Introduction to Cyber Security Risk Management

  • In Person (2 days)
  • Online
12 CPEs

MGT415 will provide students with an introduction to thinking practically about risk management and teach the skills necessary to perform risk assessments. Not only will students learn foundational concepts of risk, but they will be given templates and tools that they can take back to their office immediately after class to perform risk assessments. Throughout the class students will learn introductory concepts of Governance, Risk, and Compliance (GRC) that they can use to mature their cyber security programs.

What You Will Learn

In this course students will learn the practical skills necessary to perform regular risk assessments for their organizations. The ability to perform risk management is crucial for organizations hoping to defend their systems. There are simply too many threats, too many potential vulnerabilities that could exist, and not enough resources to create an impregnable security infrastructure. Therefore every organization, whether it does so in an organized manner or not, will make priority decisions on how best to defend its valuable data assets. Risk management should be the foundational tool used to facilitate thoughtful and purposeful defense strategies.


  • Lab 1 - Performing a Simple Risk Assessment
  • Lab 2 - Risk Assessment Case Study
  • Lab 3 - Formal Risk Assessment Tools
  • Lab 4 - Formal Risk Management Tools
  • Lab 5 - Log Parsing to Identify Risks
  • Lab 6 - Using a LiteGRC Risk Management Tool


  • Students will learn step by step how to perform a risk assessment.
  • Students will learn how to map an organization's business requirements to implemented security controls.
  • Students will learn the elements of risk assessment and the data necessary for performing an effective risk assessment.
  • Students will learn what in-depth risk management models exist for implementing a deeper risk management program in their organization.


  • Perform a complete risk assessment
  • Inventory an organization's most critical information assets
  • Assign a data owner and custodian to an information asset
  • Assign classification values to critical information assets
  • Prioritize risk remediation efforts as a result of performing a risk assessment
  • Evaluate risk management models for use in their own organization


  • Electronic Courseware for learning how to perform risk management
  • Printed course materials
  • A unique course spreadsheet tool for performing risk management
  • Open source tools for performing risk management
  • MP3 audio files of the complete course lecture


Syllabus (12 CPEs)

  • Topics
    • Understanding Risk
    • Control Focused Risk Assessment
    • How to Perform a Simple Risk Assessment
    • Risk Assessment Case Study
  • Topics
    • Formal Risk Management Models and Tools
    • Event Focused Risk Management
    • Risk Management Case Study
    • Risk Management Software
    • Risk Remediation & Response


A basic understanding of information security and information security management topics is helpful for students attending this class. However, a strong background in any of these skills is not a prerequisite for the class. In the class students will be taught a step-by-step approach for performing a risk assessment regardless of their technical information security or management background.

Laptop Requirements

Important! Bring your own system configured according to these instructions.

A properly configured system is required to fully participate in this course. If you do not carefully read and follow these instructions, you will not be able to fully participate in hands-on exercises in your course. Therefore, please arrive with a system meeting all of the specified requirements.

Back up your system before class. Better yet, use a system without any sensitive/critical data. SANS is not responsible for your system or data.


  • Wireless networking (802.11 standard) is required. There is no wired Internet access in the classroom.


  • Your host operating system must be the latest version of Windows 10, Windows 11, or macOS 10.15.x or newer.
  • Fully update your host operating system prior to the class to ensure you have the right drivers and patches installed.
  • Linux hosts are not supported in the classroom due to their numerous variations. If you choose to use Linux as your host, you are solely responsible for configuring it to work with the course materials and/or VMs.
  • Microsoft Office (any version) or OpenOffice installed on your host. Note that you can download Office Trial Software online (free for 30 days).

If you have additional questions about the laptop specifications, please contact

Author Statement

"Most every time we talk with an organization, whether that be a private company or a government agency, we meet people who want to use risk assessment as a tool, but are not actually using it as they could. No organization has enough resources to do everything they would like to defend themselves. At some point a priority decision has to be made. We either make those decisions individually based on whatever need seems to be the most pressing in front of us today, or we take a methodical approach, getting as much input from the business as possible. Risk management is the tool we have available for taking the methodical path.

This course has been written with practicality and usability in mind. Risk models and learning ALE to pass a certification test is fine. But to defend our systems, we need practical skills in risk assessment. This course will teach students the hands-on skills necessary to immediately start using risk assessment as a tool to defend their organization."

- James Tarala & Kelli Tarala

"James was great! Very informative, clear and concise." - Sean O'Connor, Secureworks
