Thanks a lot for this informative video, Sir. Simple to understand due to your clarity in explanation.
@SanjayGore
Ай бұрын
Thanks @kishorelachhani1202
@LightInside-id1fm
3 ай бұрын
Risk matrices don't work, this is a well established fact. What's the point of promoting it if you don't understand it?
@SanjayGore
3 ай бұрын
Thanks for your comments. Your thinking is respected and welcome.
@kamalabdulawel6457
3 ай бұрын
Hi everybody, i dont get the result of probability × impact value can become 4.
@SanjayGore
3 ай бұрын
Can u further through some light, for me to explain more?
@kamalabdulawel6457
3 ай бұрын
Hello Sanjay, thanks for the quick reply and your great Präsentation. I dont understand how the threat value is calculated. In your präsentation it says threat value is probabilty * impact value. This Value is larger than 1 -4 how do you get your Threat Value exactly. Is ist just estamation.
@NagarjunKoujula
6 ай бұрын
Very Informative and Valuable Sir Thank you for sharing Valuable Knowledge 🙏
@SanjayGore
6 ай бұрын
Thank you very much. I am happy that my little effort helped you understand certain concepts.
@RS-ws5lh
6 ай бұрын
Thank you sanjay, your video is more understandable, when ever I used to get doubt I will watch your videos.
@SanjayGore
6 ай бұрын
Thanks you very much. I am happy that my little efforts are helpful for you to understand.
@KhurramShahzad-qb5sk
8 ай бұрын
risk level didvided in 4 equal parts, if impact is medium and likelihood is medium then with this table final risk come in low number. same if high impact and high likelihood then risk result come in medium block. how you can explain this
@usmanshahzad3158
10 ай бұрын
Where is the impact section goes ?
@SanjayGore
10 ай бұрын
Thanks for your response. Likelihood multiplied by Impact becomes Threat Value. Impact is the assessment of severity of the threat. Hope this suffices your query. Thanks again for asking the question.
@usmanshahzad3158
10 ай бұрын
@@SanjayGore it's clear so we calculate the risk score as threat*vul* asset value, please correct me if I am wrong
@SanjayGore
10 ай бұрын
@@usmanshahzad3158 Your statement is correct, Sir.
@shahrukhdaud7989
10 ай бұрын
👍👍👍
@jeangrace6749
11 ай бұрын
How to compute vulnerability?
@SanjayGore
11 ай бұрын
Thanks for your query. The vulnerability is other side of effectiveness of control. More the effectiveness of control lesser the vulnerability and vice versa.
@ntcuong01ct1
Жыл бұрын
Dear Friends, I have a question: 1/ Which department will be responsible for implementing compliance functionality in the GRC?. Thank you.
@spmanoj123
Жыл бұрын
Great thanks for this wonderful practical session of RA.
@SanjayGore
Жыл бұрын
Thank you for those good words.
@musfarkoodakkara3603
Жыл бұрын
Thank you so much for these wonderful sessions, sir. Kindly do post more on GRC based sessions. Keep posting some real time practical kind of stuffs if possible. Eagerly waiting for upcoming videos.
@SanjayGore
Жыл бұрын
Thank you so much for those kibd words. Sure, I will post as suggested by you. Keep engaging. Thanks again.
@hashamkhan8477
Жыл бұрын
Thank you so much Sir. I really learned a lot about RA on Assets today. I have subscribed your channel and planning to spend lots of time and watch all your videos on BC stuff. Love from Canada
@SanjayGore
Жыл бұрын
Thank you very much for those good words. Also thanks for subscribing.
@subashmg
Жыл бұрын
VERY GOOD EXPLANATION BRIEF KNOWLEDGE
@anitapanchal9152
Жыл бұрын
Thanks you soo much sir for sharing knowledge
@SanjayGore
Жыл бұрын
Thanks. You are welcome. Please subscribe and share the video.
@phathiswabam2630
Жыл бұрын
Thank you very much for knowledge sharing. This is talking about perfect timing for me.
@SanjayGore
Жыл бұрын
Thanks I am happy my efforts are useful for your help, may be a very samll. Thank again for communicating it to me.
@solomona8695
Жыл бұрын
Thanks for sharing. The content was really good and well-presented.
@SanjayGore
Жыл бұрын
Thanks Solomon for these kind words.
@arsalananwar8265
Жыл бұрын
11 new controls introduced in the ISO 27001 2022 revision: A.5.7 Threat intelligence A.5.23 Information security for use of cloud services A.5.30 ICT readiness for business continuity A.7.4 Physical security monitoring A.8.9 Configuration management A.8.10 Information deletion A.8.11 Data masking A.8.12 Data leakage prevention A.8.16 Monitoring activities A.8.23 Web filtering A.8.28 Secure coding
@SanjayGore
Жыл бұрын
What you say is a revision in ISO 27002:2013 replaced with 27002:22. Secondly, it is not an addition but a replacement. And the revised ISO 27001:2022 is yet to come.
@arsalananwar8265
Жыл бұрын
@@SanjayGore What's the latest version of ISO 27001? ISO 27002 A comprehensive update of ISO 27001 is expected to be released in October 2022. Once updated, the latest version of ISO 27001 will align with changes made to ISO 27002 and published in February 2022.
@sayyedkarim5633
Жыл бұрын
Sir!! Very good information presented in a clear and simple manner; even professionals will benefit from it.
@SanjayGore
Жыл бұрын
Thanks for those good words.
@farhancpa
2 жыл бұрын
sir, you should example like what are corrective controls, detective controls etc. just reading from the slides don't help much
@marcellosarica9640
2 жыл бұрын
Sorry, I'm Italian but I don't understand much of what you say. You have a strong Indian accent. You should post subtitles.
@Kris9341
2 жыл бұрын
Hello Sanjay, thanks for this great resource. Please I have a question. My question is; in the table below, I have various threat values for assetname "Laptop" and again had various threat values for assetname "Database server". In this situation, which of the threat values should I take as the actual threat value for a specific (single) asset? Assetname Threats Frequency Impact Value Threat Threat Value Laptop Virus & malware 4 4 16 4 Data & information theft 4 4 16 4 vandalism 3 3 9 3 unauthorized access 1 2 2 1 Ransomware 2 2 4 1 Date deletion 1 3 3 1 Database server Sql injection 3 4 12 3 Virus & malware 4 4 16 4 Data & information theft 4 4 16 4 vandalism 3 3 9 3 unauthorized access 1 2 2 1 Ransomware 2 2 4 1 Date deletion 1 3 3 1
@HaseebKhan-cx1sh
2 жыл бұрын
Excellent work, Sir; I appreciate your efforts
@SanjayGore
2 жыл бұрын
👍 Thanks
@dessert91
2 жыл бұрын
good content sir. I have watched it several times.
@SanjayGore
2 жыл бұрын
Thank you very much
@ratnesh12100
2 жыл бұрын
Thanks a lot sir. Nicely explained
@SanjayGore
2 жыл бұрын
Most welcome
@arisocariza5334
2 жыл бұрын
is it okay to use -> Asset + Threat + Vulnerability = Risk
@SanjayGore
2 жыл бұрын
Yes. The organization can use eighter + or x as per convenience. But popular is X
@funkyputul
2 жыл бұрын
Simple and to the Point, very well explained.
@SanjayGore
2 жыл бұрын
Thank you these good words.
@abodhkant9493
2 жыл бұрын
Nicely explained sir. Thankyou so much for such a clear and nice contents. Sir could you please also make a video on CIA rating criteria, I mean how to decide 1~4 rating for Credibility, Integrity and availability?
@SanjayGore
2 жыл бұрын
Yes. Thanks for suggestion.I will do it. It confidentiality and not credibility.
@abodhkant9493
2 жыл бұрын
@@SanjayGore Thankyou Sir..!!
@YESCHEMISTRY
2 жыл бұрын
Nicely explained.. thank you sir
@SanjayGore
2 жыл бұрын
Thanks for those good words. It inspires me to do more.
@NavaneethE
2 жыл бұрын
who will decide asset value is it data owner / asset owner or auditor/implementer ?
@SanjayGore
2 жыл бұрын
Thanks for the query. The assets value is decided by the risk owner and assets owner. In the risk assessment, the asset-owner is the occupier of the assets (information). As we have seen that the organization should define the risk owner while developing the assets register. So the asset- value is decided by the asset owner. Thanks for your query.
@NavaneethE
2 жыл бұрын
@@SanjayGore Thanks
@MrLuiyi02
2 жыл бұрын
Thank you!!
@SanjayGore
2 жыл бұрын
You're welcome!
@inspiretobepositive
2 жыл бұрын
Great work sir
@SanjayGore
2 жыл бұрын
Thanks, Jayesh.
@ShivajiMirashe
2 жыл бұрын
Very nice and learning this session. Thanks you Sir.
@SanjayGore
2 жыл бұрын
Thank you very much Sir for those kind words. It is my pleasure.
@getsugu
2 жыл бұрын
I really like the simplicity in style with which you present. Years of experience really reflects in the confidence of delivery of the lecture / presentation. Simple and real-time examples keeps audience in line with the topic. Keep doing more presentations.
@SanjayGore
2 жыл бұрын
Thanks, Sir, for your kind words.
@abhijitmuley9941
3 жыл бұрын
Thank you very much ,very well presented sir
@SanjayGore
3 жыл бұрын
Thank you very much, Abhijit for those kind words.
@sowmyas9009
3 жыл бұрын
Sir pl avoid background music
@SanjayGore
3 жыл бұрын
Thanks for your suggestions. Your suggestion is welcome. I have noted your comments and try to edit them.
@NitinGupta-uj3lm
3 жыл бұрын
Nice introduction of Risk Management Sir. Looking forward for the subsequent videos on the topic.
@SanjayGore
3 жыл бұрын
Thank You Very Much For Those Kind Words. It Is My Pleasure.
@NitinGupta-uj3lm
3 жыл бұрын
Nice Presentation Sir. Types and purpose of controls are very well explained.
@SanjayGore
3 жыл бұрын
Thank you for your kind words.
@furiousruffian6041
3 жыл бұрын
Sir, request if you could also make a video based on Context. Normally, it is called as Context Based Risk Assessment. Thanks
@SanjayGore
3 жыл бұрын
Sure. Your suggestion is well taken. Thanks for that.
@furiousruffian6041
3 жыл бұрын
@@SanjayGore looking forward to a fantastic video
@xdsar
3 жыл бұрын
Thank you Sir Sanjay for the informative explanation of SOA and its relation ship between RA and RTP. This presentation is really helpful to understand the concept and implementation of SOA (in-depth) in an organization. Stay bless and keep posting the substantial and challenging topics of information security domain in a simple way. Respect from Pakistani Students.
@SanjayGore
3 жыл бұрын
Thank you Syed Rahim for your kind words. I am really happy to note that I was up to an extent helpful to you. Such comments like yours help me bring more enthusiasm Yes I am creating interesting stuff very soon. Thanks again Sanjay
@9959636785
3 жыл бұрын
I saw many videos sir, but u explained it very clearly.... Thank you so much
@SanjayGore
3 жыл бұрын
Thanks. You are welcome.
@suhaskokate5270
3 жыл бұрын
Nice presentation. Sir i was looking for IT DEPARTMENT Role in ISO27001 Certification for giving internal presentation to IT as we are persuing for same. Do u hv such ppt/video ir can u suggest for the same.
@Awesomeite4life
3 жыл бұрын
This was very insightful. Really appreciate the efforts taken to explain this concept.
@SanjayGore
2 жыл бұрын
Glad it was helpful!
@shailb923
3 жыл бұрын
A very simple and to the point video on a complex topic..please make and share the videos on other topics for CISSP..thank you
@SanjayGore
3 жыл бұрын
Keep watching
@muralidharonkar2056
3 жыл бұрын
Nice presentation with deep knowledge. 👍
@SanjayGore
3 жыл бұрын
Thank you Sir
@rajesht1956
3 жыл бұрын
Very good explanation Sir,
@SanjayGore
3 жыл бұрын
Thanks
@sridharkalyanasundaram7848
3 жыл бұрын
Great work, Sanjay.
@SanjayGore
3 жыл бұрын
Thanks Sir
@ganesanramesh6911
3 жыл бұрын
👍
@SanjayGore
3 жыл бұрын
Thanks Ramesh
@preritshah9915
4 жыл бұрын
Content covered is quite useful for both beginners and experts in the Industry, great delivery. The background music is a little disturbing.
@SanjayGore
4 жыл бұрын
Thank you, Prerit
@anilkarmarkar5664
4 жыл бұрын
Very good information explained in nice and most simpler way,even professionals add to their knowledge bank.
Пікірлер