IT Security Implications

1. Confidentiality
2. Integrity
3. Availability
4. Authenticity
5. Non-repudiation

IT Risk Assessment

1. List IT Assets & Asset Values
2. Identify Threats & Vulnerabilities
3. Calculate Risk Estimates (Threat Impact × Breach Occurrence Likelihood; or Annual Loss Expectancy (ALE) = Single Loss Expectancy (SLE) × Annualized Rate of Occurrence (ARO))
4. Define Mitigation Measures
5. Acknowledge Residual Risks

Important Highlights:

“There is no way to eliminate every threat in our business (no such thing as absolute security).”

“Our goal is to MANAGE RISKS, so that the problems resulting from them will be minimized.”