INTRODUCTION TO RISK MANAGEMENT

Risk management is the procedure of identifying and controlling risks facing an organization. Risk management is the discipline which is employed for identifying, monitoring and limiting risks. In some of the cases the acceptable risk can be near zero. Risks can occur from accidents, natural calamities and disasters as well as deliberate attacks from an adversary. The several components of risk management and their relationship to each other are shown in Figure given below.2.1.The main ISO standards on risk management include in businesses, risk management organized activity to manage threats and uncertainty and involves people following procedures and by using tools in order to ensure conformance with risk management policies
 
Components of Risk Management

The whole process is made up of 2 major components. They are

• Risk identification is the procedure of examining and documenting an organization’s present information technology security situation.
• Risk control is the procedure of applying controls to reduce risks to an organizations data and information system.

Risk management is used in the public sector to identify and mitigate the risk to critical infrastructure. These methodologies comprise of the following elements, performed in the following order.

• identify assets and identify which are the most critical
• identify, characterize, and assess the threats
• assess vulnerability of critical assets to specific the threats
• determine the risk (that is the expected consequences of specific types of attacks on specific assets)
• identify the methods to reduce those risks
• prioritize the risk reduction measures based on strategy

 

 

Posted Date: 10/8/2012 5:44:17 AM | Location : United States

Ask an Expert

Related Discussions:- Introduction to risk management and its component, Assignment Help, Ask Question on Introduction to risk management and its component, Get Answer, Expert's Help, Introduction to risk management and its component Discussions

Write discussion on Introduction to risk management and its component
Your posts are moderated

Write your message here..

Related Questions

SNORT, Detect each visit to www.google.com that is made by the machine. o S... Detect each visit to www.google.com that is made by the machine. o Send an alert when an activity relating to network chat is detected. o Send an alert when an attempt is made for

Direct point-to-point communication:, Early networks used simple point-to... Early networks used simple point-to-point communication . In such a method of communication every communication channel connects exactly two devices. In this way it prepares a m

Parsing ipv6 headers, PARSING IPv6 HEADERS Base header is fixed in siz... PARSING IPv6 HEADERS Base header is fixed in size i.e. 40 octets. NEXT HEADER field in the base header describe kind of header and it seems at end of fixed-size base header. S

Arrangement of self-learning switches, QUESTION a) Consider the speed ... QUESTION a) Consider the speed of propagation of an electrical signal is same to 2x10 8 m/s, evaluate the ratio of the propagation delay to the transmit time for the given typ

Object tracking using wireless sensor networks, This project involves the d... This project involves the design and development of a simulation environment of many sensors tagging material/ machinery/equipment/etc in a warehouse site to help monitor and manag

What is authentication? explain authentication protocols, What is Authentic... What is Authentication/confirmation?  How it is different from  the Authorization/approval?  Explain in brief different authentication protocols along with their merits and demerit

Asymmetric encryption-cryptography, Asymmetric Encryption Asymmetric encr... Asymmetric Encryption Asymmetric encryption method makes use of two different but related keys and either key can be used to encrypt or decrypt the message. This method is freque

Explain about structure of management information, Question 1 a) What is a... Question 1 a) What is a NMS? Question 2 Explain about Structure of Management Information Question 3 A)In which UDP port number does a protocol entity receive message?

Topology, What is the concept of topology? What is the concept of topology?

What is meant by certificate revocation, QUESTION (a) Which PKI (Public... QUESTION (a) Which PKI (Public Key Infrastructure) model is typically favored by business organization? (b) Give one possible use of the "extensions" field of an X.509 certi