IT Examiner School, Palm Springs, CA

First page Table of contents Previous page 145 Next page Last page

Risk Assessment Process

Identify and value sensitivity of information assets.

Identify potential internal/ external threats and/or vulnerabilities.

Rank likelihood and impact of threats and/or vulnerabilities.

Assess sufficiency of risk control policies, procedures, information systems, etc.

Inherent Risk >>> Residual Risk

Made with FlippingBook - professional solution for displaying marketing and sales documents online