tailieunhanh - Chapter 17 – Risk Management

The idea of analyzing your business processes and determining what are the risks that threaten those processes, and choosing cost effective countermeasures to minimize the risks and the associated losses. | Security+ All-In-One Edition Chapter 17 – Risk Management Brian E. Brzezicki Risk Management Risk Management (493) The idea of analyzing your business processes and determining what are the risks that threaten those processes, and choosing cost effective countermeasures to minimize the risks and the associated losses. Risk Management Terms (494) Risk – the possibility of suffering harm or loss Risk Management/Risk Analysis – the overall decision making process of identifying the risks (threats and vulnerabilities) and mitigating actions to determined the impact of an event that would affect a project, program or business (more) Risk Management Terms (494) Asset – resource or information an organization needs to conduct it’s business Threat – any circumstance or event with the potential to cause harm to an asset. Vulnerability - A software hardware or procedural weakness that may provide an attacker the opportunity to obtain unauthorized access. Impact – the resulting loss when a . | Security+ All-In-One Edition Chapter 17 – Risk Management Brian E. Brzezicki Risk Management Risk Management (493) The idea of analyzing your business processes and determining what are the risks that threaten those processes, and choosing cost effective countermeasures to minimize the risks and the associated losses. Risk Management Terms (494) Risk – the possibility of suffering harm or loss Risk Management/Risk Analysis – the overall decision making process of identifying the risks (threats and vulnerabilities) and mitigating actions to determined the impact of an event that would affect a project, program or business (more) Risk Management Terms (494) Asset – resource or information an organization needs to conduct it’s business Threat – any circumstance or event with the potential to cause harm to an asset. Vulnerability - A software hardware or procedural weakness that may provide an attacker the opportunity to obtain unauthorized access. Impact – the resulting loss when a threat exploits a vulnerability (more) Risk Analysis Terms (495) Countermeasures / control / safeguard – a measure taken to detect, prevent, or mitigate the risk associated with a threat. Qualitative Risk Analysis – The process of subjectively determining the impact of an event. Quantitative Risk Analysis – The process of objectively determining the impact of an event. Specifically assigning numbers to understand the event (probability, Loss, cost etc) (more) Random Thoughts (497) Risks are not just about network security. Risks can be Fires Tornados Floods Blizzards Hacking Vendors going out of business Revenue Streams stopping Fraud (more) Random Thoughts Risk Management always is concerned with providing COST EFFECTIVE safeguards Don’t bother protecting something if the cost of protecting it, is more than it’s worth! Risk also can be hard to quantify (reputation)? What’s a reputation worth to a business? Risk management Flowchart (496) Quantitative Risk Analysis Terms EF - Exposure .