Professional Documents
Culture Documents
A719552767 - 24968 - 24 - 2019 - ppt4 Info Risk
A719552767 - 24968 - 24 - 2019 - ppt4 Info Risk
ANALYSIS
KEY POINTS
• What is Risk Management?
• What is the need for Risk Management?
• Approach to Risk Management
• Risk Assessment
What is Risk?
• Risk is made up of two parts:
• -The probability of something going wrong
and
• -The negative consequences if it does.
Risk
• Risk refers to the potential for loss or damage
when a threat exploits a vulnerability.
• Examples of risk include financial losses as a
result of business disruption, loss of privacy,
reputational damage, legal implications and can
even include loss of life.
• Risk can also be defined as follows:
• Risk = Threat X Vulnerability
• You can reduce the potential for risk by creating
and implementing a risk management plan.
• Vulnerability: is a weakness which allows an
attacker to reduce a system’s information
assurance.
• Known weakness in security of system or
organization.
• Example: former employee of an organization
Risk Management Process
IDENTIFICATION
CATEGORIZE
MANAGE
MONITOR
Risk Management Process
• Following activities involved in risk
management process:-
• 1.)Identification:make note of all possible
risks,which may occur.
• 2.)Categorize/Prioritization:categorize
known risks into risk itensity as per their
possible impact.(High,Medium,Low).
• 3.)Manage:Analyze the probability of
occurance of risks at various phases.
• Make plan to avoid or face risks,attempt to
minimize their side-effects.
• 4.)Monitor:closely monitor the potential risks
their early symptoms.Also monitor the effects
of steps taken to mitigate or avoid them.
RISK MANAGEMENT PROCESS
Risk Analysis
• It is a systematic process to estimate the level
of risk for identified and approved risks. This
involves estimating the probability of
occurance and consequences of occurance .
• Risk analysis is the process of defining
and analyzing the dangers to individuals,
businesses and government agencies posed by
potential natural and human-caused adverse
events.
Risk analysis
• Investigation of available information to
identify hazards and estimate risks.