DIGT050 - Building a Cybersecurity Framework: Governance, risk, and compliance

Course Description

Designed to introduce learners to essential concepts and practices needed to build an effective organizational cybersecurity structure, participants will learn how to construct governance models, conduct high-level threat and risk assessments, develop risk management strategies, and ensure compliance with key industry standards and regulations. Through interactive sessions and self-paced activities, candidates will gain practical skills to align cybersecurity with broader business goals and navigate the evolving regulatory landscape.

Course Outline

• Discover the fundamentals of cybersecurity governance
• Explore roles, responsibilities, and policies for cyber oversight
• Identify relevant industry frameworks and regulations (e.g., NIST, ISO 27001, PIPEDA)
• Conduct high-level cyber threat and risk assessments (TRA)
• Translate cyber risks into business impacts and prioritize mitigation
• Examine third-party and supply chain risk management
• Develop and align a cybersecurity strategy with organizational goals
• Complete a final project defining a compliance and risk management approach

Learner Outcomes

• Integrate cybersecurity governance into organizational structures and policies
• Identify and interpret key regulatory, legal, and standards-based compliance requirements
• Plan and implement cyber threat and risk assessments for organizational contexts
• Evaluate and select appropriate cybersecurity frameworks and controls
• Translate cyber risks to business risks and communicate impacts to stakeholders
• Develop risk management approaches aligned with organizational objectives
• Create actionable initiatives using tools like RACI charts and risk registers

Applies Towards the Following Certificates

• Managing Organizational Cybersecurity and Compliance Micro-credential : Core Courses