Experiential Activities for Risk Management Education

Authors

  • Michael Whitman Kennesaw State University
  • Robert Chaput Clearwater Compliance, LLC

Keywords:

risk management, risk assessment, information security education, cybersecurity education, experiential education

Abstract

A core premise in the instruction of Information Security/Cybersecurity is that risk management is a cornerstone of security management, as evidenced in the promotion of GRC (Governance, Risk Management and Compliance) as the strategic triad in the trade press. While a theoretical exploration of risk management is important, the provision of an experiential activity to support the theory is valuable in cementing the knowledge in students. This paper will discuss popular risk management methodologies and examine a number of tools to support the instruction of the more common methodologies by instructors without substantial cost or learning curve.

Cover - CISSE Volume 8, Issue 1

Downloads

Published

2020-12-01

Issue

Vol. 8 No. 1 (2020): Journal of The Colloquium for Information Systems Security Education

Section

Articles