Professional Documents
Culture Documents
Chapter 4
Chapter 4
Security,
Fourth Edition
Chapter 4
Managing IT Risk
Learning Objectives
– Risk =
(likelihood * value or impact) –
(percentage risk already controlled) +
(uncertainty element )
Principles of Information Security, Fourth Edition 27
Identify Possible Controls
Ranked vulnerability risk worksheet Assigns ranked value of risk rating for
each uncontrolled asset-vulnerability pair
Principles of Information
Security, Fourth Edition 54
Documenting Results