Downloaded 48 times
Uploaded byAngelo Sala
Risk assessment on information security
The document discusses performing a risk assessment on information security. The goals are to identify risk factors in sensitive IT processes, organizational structure, human resources, and the environment. Risks are then classified and assigned information values related to data integrity, confidentiality, and availability. The document outlines estimating the probability and potential damages of bad events, and determining risk levels. It recommends establishing mitigation actions to reduce risk levels.
More Related Content
Similar to Risk assessment on information security
Risk assessment on information security
- 1. risk assessment on informationsecurity Angelo Sala - November 2010 http://www.flickr.com/photos/borghetti/43058749/
- 2. goal: to reducerisks related to information security http://www.flickr.com/photos/keylosa/184606430/
- 3. you have toidentify risk activities among sensitive processes http://www.flickr.com/photos/emiliano-iko/4045654001/
- 4.
- 5.
- 6.
- 7.
- 8. identify and classifyrisks by factors and … http://www.flickr.com/photos/stephenpoff/3032885683/
- 9.
- 10.
- 11.
- 12. you have toestimate bad event probability http://www.flickr.com/photos/jackpix/146384867/
- 13.
- 14. if the company reputationis involved http://www.flickr.com/photos/striatic/2191404675/ so you get risk levels that could increase …
- 15. .. and finallyyou have to establish mitigation actions in order to reduce risk level
- 16. Number of risksidentified * (Middle & High level) human resources organization IT environment 45 5 11 27 * fake data
- 17. Measured vs. Expected* risk index 31,5 9,5 15,5 20 22,5 12,25 6,25 16,5 human resources organization IT environment * fake data
- 18. and then … you’llhave to roll up your sleeves and start mitigation actions http://www.flickr.com/photos/pennstatelive/5059771553/