CYBR 610, Risk Management Studies:

The course required students to identify assets, including tangible (desks, computers, buildings) and nontangible (reputation, customer data, etc.), their associated vulnerabilities (physical loss, compromised data or  inaccurate data) and associated risks (theft, tampering, information disclosure) for each.  Each asset was assigned a dollar value, probability value for the vulnerability with the risk to the asset calculated.  Modes and methods for the vulnerabilities and risk avoidance were investigated.  Obtaining management by-in from less than enthusiastic management (due to costs, not convinced of risk, etc.) to implement risk management strategies (making a persuasive argument) was discussed.