Learning Goals
Bridge the gap between best-intended security controls and real-world risk reduction.
By the end of this course, you will be able to:
- Remove weaknesses in planning that cause mitigations to fail
- Build SMART controls that treat the main source of the risk
- Ensure mitigations are preventive, detective and corrective
- Apply the 80/20 rule to ownership and ensure controls are sustained
- Apply the FACTR method to secure buy-in and ownership
Learn about why Profiling Risk matters and the key skills and capabilities covered by the course.
Presented by Matt Kent
CEO - GRC-X
4. Driving Ownership Through Engagement
How to communicate risk mitigation plans with controls owners and secure their buy-in.
Build in the Assurance Truth Test
How to prove your plan works by defining measurable evidence, success indicators and real-world tests before the plan is agreed.
The 20% Rule of Ownership
How to assign only the 20% that security should own and shift the remaining 80% to first-line teams through clear, practical ownership rules.
Build a PDC Controls Map
How to convert ideas into real controls using Prevent–Detect–Correct and eliminate actions that aren’t genuine mitigations.
Build Multi-Domain THOR Mitigations
How to design stronger mitigations by combining Technical, Human, Operational and Regulatory controls to avoid single-domain failure.
Craft a High Value Risk Statement
How to plan mitigation, not guess it.
3. Building Risk Mitigation Plans
How to identify supporters, adversaries, conspirators, disciples and fence-sitters - and tailor your influence approach accordingly.
2. Risk Treatment
How to Treat, Transfer, Tolerate or Terminate risk.
1. Why Mitigation Matters
Where risk mitigation fails and the consequences associated with getting it wrong.
Seven immersive skills sessions underpin this course, accompanied by powerful simulation-based activities during the workshop that simulate real-life security challenges.
Structured Workshop Lessons
Lesson Plan
5. Securing Required Resource
How to ask for the required resources and build confidence in the mitigation plan to secure decision-maker commitment.
Mitigation fails when leaders don’t see the urgency or understand what the plan is trying to achieve. Security may know the right path but struggle to present a case that drives action.
Plans can be technical, fragmented or unclear. Without strong ownership and credible justification, decisions slow and exposure persists. Weak narratives create hesitation, delay and watered-down outcomes.
This course helps practitioners design clear mitigation strategies, communicate with authority and secure the commitment needed to reduce risk effectively.
A one-day deep-dive that helps you design credible mitigation plans, communicate risk with authority and secure the commitment needed to reduce exposure effectively.
NGSP Tier 5
Mitigating Risk

- Driving Powerful Conversations - Featuring the PULSE Model (Thu 18 Dec, Virtual - Zoom)
- Why Mitigation Fails - Featuring the SMART Controls Framework (Thu 08 Jan, Virtual - Zoom)
- Security Blockages, Bottlenecks & Barriers - Featuring the 3R Concept (Thu 22 Jan, Virtual - Zoom)
- Security Alliance - Featuring the Stakeholder Constellation (Thu 04 Dec, Virtual - Zoom)
- Calculating Loss - Featuring the VETs Model (Thu 20 Nov, Virtual - Zoom)
- The Risk Landscape - Featuring the FACTR Model (Fri 14 Nov, Virtual - Teams)
Introduction
The NGSP Experience
Next Generation Security Practitioner blends video learning, live simulation and ready-to-use toolkits to create a fast, immersive learning arc. You won’t just hear ideas - you’ll test them under pressure, practise with realistic scenarios, and leave with methods you can apply immediately inside your organisation.
On-Demand Video Learning
Powerful video lessons accompany the course to help introduce the core concepts and models covered
Team-based Simulations
Learn experientially during the workshop through simulated activities that imitate real-life security challenges
Battlecards & Take-Aways
Get equipped with ready-to-go methodologies and tools that you can apply in real life
Six Tiers. One Mission. Security Excellence.
Next Generation Security Practitioner is not just a training programme - it's a transformational learning arc.
NGSP courses mirror the real challenges security teams face - moving from identifying risk to influencing decisions, building alliances, and executing under pressure. Training that transforms practitioners from technical contributors into strategic operators who can read the landscape, align to the business, and lead with credibility.
Driving Capability - Not just knowledge
- Building a stronger bridge between security and the business.
- Turning data into decisions.
- Increasing resilience not slowing progress.
- Creating a culture where security is instinctive.
Not Theory - An immersive practical experience
You’ll learn by doing - live simulations that recreate real-life security situations. No lectures. Just the tools, mindsets, and behaviours that better outcomes. All our courses will earn you 10 CPE hours.