Risk Management

I teach a graduate level course at the New York Institute of Technology, Vancouver Campus.   The course is INCS 618 Computer Security Risk Management and Legal Issues in the School of Engineering  & Computing Sciences.

This course explores several domains in the Information Security Common Body of Knowledge. The course covers the following domains within Information Security:

  • Security Management Practices
  • Security Architecture and Models
  • Business Continuity Planning (BCP)
  • Disaster Recovery Planning (DRP)
  • Law and Legal Issues
  • Investigations
  • Ethics
  • Physical Security
  • Operations Security
  • Access Control Systems and Methodology
  • Network and Internet Security.

Below are a set of downloadable risk templates that I provide my students during the class.  I hope you find them helpful.


Capability Maturity Models

Capability Maturity Model Posts 


EA Capability Maturity Model Template and Example

Creating a Roadmap for EA using Capability Maturity Models – presentation

Motivating Strategic Practice Development using CMM – research paper