So what really is risk?...simply put: Risk = Probability + Severity
Seems simple how does an organization really understand their risk so it can identify, assess and prioritize what needs attention? Answer --> Risk Management
Risk Management:
Risk management has specific process divided into risk identification and assessment and risk control.
Reference for great visuals:
Vlajic, N.. "Security Risk Management."CSE 4482 Computer Security Management: Assessment and Forensics. N.p., n.d. Web. 4 May 2013. http://www.cse.yorku.ca/course_archive/2010-11/F/4482/CSE4482_03_SecurityRiskManagement_Part1.pdf
No comments:
Post a Comment