SECURITY KNOWLEDGE


China Defender

Risk Assessment Process Considerations

Release time:

2018-05-05

Author:

Source:


Summary:

There are several key issues to consider during the risk assessment process. First, what is the object (or asset) to be protected? What is its direct and indirect value? What are the potential threats to assets? What's the problem with the threat? How likely is the threat? Third, what weaknesses exist in the asset that could be exploited by the threat? How easy is it to use? Fourth, once a threat event occurs, what kind of loss or negative impact will the organization suffer? Finally, what security measures should the organization take to minimize the loss of risk? solve the above problems

There are several key issues to consider during the risk assessment process.

First, what is the object (or asset) to be protected and what is its direct and indirect value?

Second, what are the potential threats to the asset? What are the problems that lead to the threat? How likely is the threat to occur?

Third, what weaknesses in the asset are likely to be exploited by the threat, and how easy is it to exploit?

Fourth, once a threat event occurs, what kind of loss or negative impact will the organization suffer?

Finally, what security measures should the organization take to minimize the loss of risk?

The process of solving the above problems is the process of risk assessment.

When conducting a risk assessment, there are several correspondences that must be considered:

Each asset may face multiple threats

There may be more than one threat source (threat agent)

Each threat may exploit one or more weaknesses

Key words: