Ransomware is a type of malicious software used by cyber-criminals to block organizations or individuals from accessing their own data. The digital extortionists encrypt the files on the victim's system and add extensions to the attacked data. In doing this, the perpetrators can hold the data hostage until the demanded ransom is paid. Depending on the sensitivity of the data, the perpetrators will threaten to publish the victim's data, permanently block access to it, or even destroy the data if the ransom is not paid. With ransomware attacks increasing, companies turn to their audit teams for reassurance. They ask their internal audit team to assess the organizations' protection from these attacks. This course gives a basic overview of how to mitigate the risk of ransomware attacks. <br/><br/> This overview course may be appropriate for professionals at all organizational levels.