• Like

Loading…

Flash Player 9 (or above) is needed to view presentations.
We have detected that you do not have it on your computer. To install it, go here.

Risk assessment on information security

  • 672 views
Uploaded on

 

More in: Education , Technology , Sports
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
672
On Slideshare
0
From Embeds
0
Number of Embeds
2

Actions

Shares
Downloads
31
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. risk assessment on information security Angelo Sala - November 2010 http://www.flickr.com/photos/borghetti/43058749/
  • 2. goal : to reduce risks related to information security http://www.flickr.com/photos/keylosa/184606430/
  • 3. you have to identify risk activities among sensitive processes http://www.flickr.com/photos/emiliano-iko/4045654001/
  • 4. 1. IT (information technologies) http://www.flickr.com/photos/johnseb/3425464/ identify risk factors …
  • 5. 2. organization http://www.flickr.com/photos/thomasguest/3581215442/
  • 6. 3. human resources http://www.flickr.com/photos/pietel/3468574846/
  • 7. 4. environment http://www.flickr.com/photos/theplanetdotcom/4878805271/
  • 8. identify and classify risks by factors and … http://www.flickr.com/photos/stephenpoff/3032885683/
  • 9. by information values http://www.flickr.com/photos/sidelong/305305214/ 1. data integrity
  • 10. 2. confidentiality http://www.flickr.com/photos/giltron/315026788/
  • 11. 3. availability http://www.flickr.com/photos/davidjwbailey/3676408544/
  • 12. you have to estimate bad event probability http://www.flickr.com/photos/jackpix/146384867/
  • 13. evaluate damages ($) http://www.flickr.com/photos/dawn_perry/237343945/
  • 14. if the company image is involved http://www.flickr.com/photos/striatic/2191404675/ so you get risk levels that could increase …
  • 15. .. and finally you have to establish mitigation actions in order to reduce risk level
  • 16. Number of risks identified (Middle & High level) human resources organization IT environment 45 5 11 27
  • 17. Measured vs. Expected risk index (after playng actions) 31,5 9,5 15,5 20 22,5 12,25 6,25 16,5 human resources organization IT environment
  • 18. and then … you’ll have to roll up your sleeves and start mitigation actions http://www.flickr.com/photos/pennstatelive/5059771553/