INTRODUCTION TO RISK MANAGEMENT

Risk management is the procedure of identifying and controlling risks facing an organization. Risk management is the discipline which is employed for identifying, monitoring and limiting risks. In some of the cases the acceptable risk can be near zero. Risks can occur from accidents, natural calamities and disasters as well as deliberate attacks from an adversary. The several components of risk management and their relationship to each other are shown in Figure given below.2.1.The main ISO standards on risk management include in businesses, risk management organized activity to manage threats and uncertainty and involves people following procedures and by using tools in order to ensure conformance with risk management policies
 
Components of Risk Management

The whole process is made up of 2 major components. They are

• Risk identification is the procedure of examining and documenting an organization’s present information technology security situation.
• Risk control is the procedure of applying controls to reduce risks to an organizations data and information system.

Risk management is used in the public sector to identify and mitigate the risk to critical infrastructure. These methodologies comprise of the following elements, performed in the following order.

• identify assets and identify which are the most critical
• identify, characterize, and assess the threats
• assess vulnerability of critical assets to specific the threats
• determine the risk (that is the expected consequences of specific types of attacks on specific assets)
• identify the methods to reduce those risks
• prioritize the risk reduction measures based on strategy

 

 

Posted Date: 10/8/2012 5:44:17 AM | Location : United States

Ask an Expert

Related Discussions:- Introduction to risk management and its component, Assignment Help, Ask Question on Introduction to risk management and its component, Get Answer, Expert's Help, Introduction to risk management and its component Discussions

Write discussion on Introduction to risk management and its component
Your posts are moderated

Write your message here..

Related Questions

Write pseudocode for the password guessing algorithm, Write Pseudocode for ... Write Pseudocode for the password guessing algorithm: Consider the following authentication protocol: Client Transmission Host

Routing table, ROUTING TABLE For efficiency, information about forward... ROUTING TABLE For efficiency, information about forwarding is saved in a routing table, which is started at system initialization and must be updated as network topology modif

Explain major differences between wpa and wpa2, Question: Suppose the f... Question: Suppose the following brief history of WLAN security standards: When the security of WEP was broken, the industry turned to the IEEE to fix it. The IEEE said it could

Policy management-information security, POLICY MANAGEMENT Policies should... POLICY MANAGEMENT Policies should be managed as they constantly change. Good policy development and maintenance make a more resilient organization. All policies undergo tremendou

Find the services implemented on your computer, Question: (a) Which typ... Question: (a) Which type of attacker represents the most likely and most damaging risk to your network? (b) What is the basic reason that social engineering attacks succeed?

Fragmentation and path mtu, FRAGMENTATION AND PATH MTU IPv6 source is ... FRAGMENTATION AND PATH MTU IPv6 source is responsible for fragmentation. Routers simply drop datagrams bigger than network MTU. So source have to fragment datagram to arrive d

Explain belady''s anomaly, Belady's Anomaly Also known FIFO anomaly. G... Belady's Anomaly Also known FIFO anomaly. Generally, on raising the number of frames given to a process' virtual storage, the program execution is faster, because lesser page

Ipv6 next header, IPV6 NEXT HEADER It is given in the figure below: IPV6 NEXT HEADER It is given in the figure below:

Cyber security - vulnerabilities, The world has to deal with newly released... The world has to deal with newly released vulnerabilities on a daily basis.  These vulnerabilities eventually lead to active exploits of systems, and it is our job as cyber securit

Attackers motives behind the cyber attack, Attacker's Motives behind the Cy... Attacker's Motives behind the Cyber Attack Before adapting the necessary measures to deal with the problem, understanding and evaluating the blogger's psyche and his motivation