Updated in May 2025.

This course now features Coursera Coach!

A smarter way to learn with interactive, real-time conversations that help you test your knowledge, challenge assumptions, and deepen your understanding as you progress through the course.

This course offers a thorough exploration of the NIST Cybersecurity Framework (CSF) and Risk Management Framework (RMF), essential for managing cybersecurity risks across organizations. You will begin by understanding NIST’s history, structure, and partnerships, along with its impact on cybersecurity practices. The course guides you through the NIST CSF Core, Tiers, and Profiles to effectively assess and manage risks.

Next, you will explore vital risk management concepts such as risk vocabulary, categorization, and control selection. Practical skills include conducting Business Impact Assessments, setting security policies, and applying controls, supported by case studies and real-world examples. These modules deepen your understanding of effective risk mitigation.

The course concludes with advanced topics like incident response, digital forensics, and business continuity planning. Hands-on exercises prepare you to handle cybersecurity incidents and reduce risks. By completion, you’ll be equipped to use NIST frameworks to safeguard assets, maintain compliance, and promote a strong security culture. It is ideal for cybersecurity professionals, IT auditors, and risk managers with basic knowledge of information security.

Applied Learning Project

The included projects focus on real-world scenarios such as developing and assessing cybersecurity programs using NIST frameworks. Learners will apply their skills to create risk management plans, implement security controls, and perform audits to solve authentic security challenges in an organizational context.