Assess Mitigation Practices

Previous page
Table of content
Next page

The next step is to assess the mitigation strategies that are currently in place and determine what additional mitigation strategies need to be used in order to effectively manage the risks. Controls may include those that form a part of the hierarchy of controls, or they may be the result of transfer of the risk.

Typically, different vulnerabilities and threats will exist within different areas, all contributing to the risks under review. Where appropriate, the assessment of current mitigation may be undertaken by different business areas. For example, mitigating risks associated with access controls is in fact a shared responsibility between IT, business managers and human resources. The risk cannot be isolated and mitigated simply by introducing new software. A process, agreed to by all parties, must be developed and adhered to in order to ensure accesses are terminated , for example, when an individual leaves the company.



Previous page
Table of content
Next page
Information Technology Security. Advice from Experts
Information Technology Security. Advice from Experts
ISBN: 1591402484
EAN: N/A
Year: 2004
Pages: 113
BUY ON AMAZON
ADO.NET 3.5 Cookbook (Cookbooks (OReilly))
Lotus Notes and Domino 6 Development (2nd Edition)
SQL Tips & Techniques (Miscellaneous)
Making Sense of Change Management: A Complete Guide to the Models, Tools and Techniques of Organizational Change
Introducing Microsoft ASP.NET AJAX (Pro - Developer)
Information Dashboard Design: The Effective Visual Communication of Data
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy