Skills Matrix and Action Plan
The Information Risk Management module gave me the skills to identify, characterize and analyze industry-specific risks and to develop mitigation measures. In addition to risk management standards such as the NIST 800-30, FAIR and ISO-27005 model, the impact of the SDLC approach in relation to risks during development and the finished end product of software were also examined in order to gain an understanding of the interdependence of processes and risks to develop.