Видео

Thanks a lot for this informative video, Sir. Simple to understand due to your clarity in explanation.

Risk matrices don't work, this is a well established fact. What's the point of promoting it if you don't understand it?

Hi everybody, i dont get the result of probability × impact value can become 4.

Very Informative and Valuable Sir Thank you for sharing Valuable Knowledge 🙏

Thank you sanjay, your video is more understandable, when ever I used to get doubt I will watch your videos.

risk level didvided in 4 equal parts, if impact is medium and likelihood is medium then with this table final risk come in low number. same if high impact and high likelihood then risk result come in medium block. how you can explain this

Where is the impact section goes ?

👍👍👍

How to compute vulnerability?

Dear Friends, I have a question: 1/ Which department will be responsible for implementing compliance functionality in the GRC?. Thank you.

Great thanks for this wonderful practical session of RA.

Thank you so much for these wonderful sessions, sir. Kindly do post more on GRC based sessions. Keep posting some real time practical kind of stuffs if possible. Eagerly waiting for upcoming videos.

Thank you so much Sir. I really learned a lot about RA on Assets today. I have subscribed your channel and planning to spend lots of time and watch all your videos on BC stuff. Love from Canada

VERY GOOD EXPLANATION BRIEF KNOWLEDGE

Thanks you soo much sir for sharing knowledge

Thank you very much for knowledge sharing. This is talking about perfect timing for me.

Thanks for sharing. The content was really good and well-presented.

11 new controls introduced in the ISO 27001 2022 revision: A.5.7 Threat intelligence A.5.23 Information security for use of cloud services A.5.30 ICT readiness for business continuity A.7.4 Physical security monitoring A.8.9 Configuration management A.8.10 Information deletion A.8.11 Data masking A.8.12 Data leakage prevention A.8.16 Monitoring activities A.8.23 Web filtering A.8.28 Secure coding

Sir!! Very good information presented in a clear and simple manner; even professionals will benefit from it.

sir, you should example like what are corrective controls, detective controls etc. just reading from the slides don't help much

Sorry, I'm Italian but I don't understand much of what you say. You have a strong Indian accent. You should post subtitles.

Hello Sanjay, thanks for this great resource. Please I have a question. My question is; in the table below, I have various threat values for assetname "Laptop" and again had various threat values for assetname "Database server". In this situation, which of the threat values should I take as the actual threat value for a specific (single) asset? Assetname Threats Frequency Impact Value Threat Threat Value Laptop Virus & malware 4 4 16 4 Data & information theft 4 4 16 4 vandalism 3 3 9 3 unauthorized access 1 2 2 1 Ransomware 2 2 4 1 Date deletion 1 3 3 1 Database server Sql injection 3 4 12 3 Virus & malware 4 4 16 4 Data & information theft 4 4 16 4 vandalism 3 3 9 3 unauthorized access 1 2 2 1 Ransomware 2 2 4 1 Date deletion 1 3 3 1

Excellent work, Sir; I appreciate your efforts

good content sir. I have watched it several times.

Thanks a lot sir. Nicely explained

is it okay to use -> Asset + Threat + Vulnerability = Risk

Simple and to the Point, very well explained.

Nicely explained sir. Thankyou so much for such a clear and nice contents. Sir could you please also make a video on CIA rating criteria, I mean how to decide 1~4 rating for Credibility, Integrity and availability?

Nicely explained.. thank you sir

who will decide asset value is it data owner / asset owner or auditor/implementer ?

Thank you!!

Great work sir

Very nice and learning this session. Thanks you Sir.

I really like the simplicity in style with which you present. Years of experience really reflects in the confidence of delivery of the lecture / presentation. Simple and real-time examples keeps audience in line with the topic. Keep doing more presentations.

Thank you very much ,very well presented sir

Sir pl avoid background music

Nice introduction of Risk Management Sir. Looking forward for the subsequent videos on the topic.

Nice Presentation Sir. Types and purpose of controls are very well explained.

Sir, request if you could also make a video based on Context. Normally, it is called as Context Based Risk Assessment. Thanks

Thank you Sir Sanjay for the informative explanation of SOA and its relation ship between RA and RTP. This presentation is really helpful to understand the concept and implementation of SOA (in-depth) in an organization. Stay bless and keep posting the substantial and challenging topics of information security domain in a simple way. Respect from Pakistani Students.

I saw many videos sir, but u explained it very clearly.... Thank you so much

Nice presentation. Sir i was looking for IT DEPARTMENT Role in ISO27001 Certification for giving internal presentation to IT as we are persuing for same. Do u hv such ppt/video ir can u suggest for the same.

This was very insightful. Really appreciate the efforts taken to explain this concept.

A very simple and to the point video on a complex topic..please make and share the videos on other topics for CISSP..thank you

Nice presentation with deep knowledge. 👍

Very good explanation Sir,

Great work, Sanjay.

👍

Content covered is quite useful for both beginners and experts in the Industry, great delivery. The background music is a little disturbing.

Very good information explained in nice and most simpler way,even professionals add to their knowledge bank.