Quantify Risks

Previous page
Table of content
Next page

To determine whether to proceed with a full risk assessment, an overview of the new or changed dynamic is required. Areas to consider include:

  • The cause for the change

  • The potential effect

  • The rationale for the change

  • Who is triggering the change

Based on an understanding of the change in dynamics, identify the potential risks to the company. These risks may be ongoing risks that have already been addressed or may be new risks. Outline both IT and business risks.

When the risks have been defined, a cursory review should be completed to determine which risks currently have been addressed and have had controls implemented through prior efforts, and which risks are new and have not been formally reviewed in the past.

For each risk identified, consider both the risk description and potential cost of the risk. If the risk has been previously analyzed , summarize previous review results .



Previous page
Table of content
Next page
Information Technology Security. Advice from Experts
Information Technology Security. Advice from Experts
ISBN: 1591402484
EAN: N/A
Year: 2004
Pages: 113
BUY ON AMAZON
CISSP Exam Cram 2
Inside Network Security Assessment: Guarding Your IT Infrastructure
Certified Ethical Hacker Exam Prep
Cisco Voice Gateways and Gatekeepers
Professional Struts Applications: Building Web Sites with Struts ObjectRelational Bridge, Lucene, and Velocity (Experts Voice)
User Interfaces in C#: Windows Forms and Custom Controls
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy