INTRODUCTION TO RISK MANAGEMENT

Risk management is the procedure of identifying and controlling risks facing an organization. Risk management is the discipline which is employed for identifying, monitoring and limiting risks. In some of the cases the acceptable risk can be near zero. Risks can occur from accidents, natural calamities and disasters as well as deliberate attacks from an adversary. The several components of risk management and their relationship to each other are shown in Figure given below.2.1.The main ISO standards on risk management include in businesses, risk management organized activity to manage threats and uncertainty and involves people following procedures and by using tools in order to ensure conformance with risk management policies
 
Components of Risk Management

The whole process is made up of 2 major components. They are

• Risk identification is the procedure of examining and documenting an organization’s present information technology security situation.
• Risk control is the procedure of applying controls to reduce risks to an organizations data and information system.

Risk management is used in the public sector to identify and mitigate the risk to critical infrastructure. These methodologies comprise of the following elements, performed in the following order.

• identify assets and identify which are the most critical
• identify, characterize, and assess the threats
• assess vulnerability of critical assets to specific the threats
• determine the risk (that is the expected consequences of specific types of attacks on specific assets)
• identify the methods to reduce those risks
• prioritize the risk reduction measures based on strategy

 

 

Posted Date: 10/8/2012 5:44:17 AM | Location : United States

Ask an Expert

Related Discussions:- Introduction to risk management and its component, Assignment Help, Ask Question on Introduction to risk management and its component, Get Answer, Expert's Help, Introduction to risk management and its component Discussions

Write discussion on Introduction to risk management and its component
Your posts are moderated

Write your message here..

Related Questions

How an attacker can effectively de-layer and analyse data, Around the globe... Around the globe the bank controlled Co-ops (Visa, MasterCard, Discover, and American Express) have rolled out millions of smart cards under the EMV (Europay, MasterCard, VISA) sta

Tomcat server, how to access tomcat by internet how to access tomcat by internet

The major decision hierarchy for disclosing security problem, QUESTION ... QUESTION The major decision hierarchy for disclosing security problems is if the problem is with the product owned by the business or if it is used by the business. Although th

ITC 571 Emerging Technologies and Innovation Assignment, Ask quProject brie... Ask quProject brief template The project brief is a document upon which the full Project Proposal and Plan will be based. About me: Who are you? What do you do? What is your Exper

Information classification, INFORMATION CLASSIFICATION The classificatio... INFORMATION CLASSIFICATION The classification of information is an important aspect of policy and a control for the information protection. A clean desk policy stipulates that a

Address resolution protocol (arp), ADDRESS RESOLUTION PROTOCOL (ARP) T... ADDRESS RESOLUTION PROTOCOL (ARP) TCP/IP can use any of the three address resolution functions relaying on the addressing procedure used by the underlying hardware. To guarant

Explain how the diffie-hellman key agreement protocol works, (a) Using Fer... (a) Using Fermat's theorem, find 3 201 mod 11. (b) Explain how the Diffie-Hellman key agreement protocol works and what its purpose and main properties are. Consider a Dif

Tcp and udp, TCP and UDP End-to-end delivery application is connection... TCP and UDP End-to-end delivery application is connection less. The basic function of connectionless service are as given: It adds extension of LAN abstraction. It has simp

Illustrate about tinysec protocol, Illustrate about TinySec Protocol T... Illustrate about TinySec Protocol TinySec is implemented on the link layer and addresses security requirements of the resource staffed nodes in the WSN based on the link layer

Elliptic Curves, #questioAn elliptic curve y^2=x^3+ax+b(mod29) includes poi... #questioAn elliptic curve y^2=x^3+ax+b(mod29) includes points P=(7, 15) and Q=(16, 13) a)Determine the equation of the crve b) Determine all values of x for which there is no point