3 Questions
What is the primary focus of risk management?
Identifying threats to essential functions
What is the first step of the risk management process?
Identifying critical systems and assets
What are the two main variables when calculating risk?
Impact and likelihood
Study Notes
- Risk management is a process for identifying, assessing, and mitigating vulnerabilities and threats to the essential functions of a business.
- Risk management must focus on mission essential functions that could cause the whole business to fail if they are not performed.
- Part of this process involves identifying critical systems and assets that support these functions.
- For each function or workflow, analyze systems and assets to discover and list any vulnerabilities or weaknesses to which they may be susceptible.
- For each risk, identify possible countermeasures and assess the cost of deploying additional security controls.
- Most risks require some sort of mitigation, but other types of response might be more appropriate for certain types and level of risks.
- For each business process and each threat, you must assess the degree of risk that exists. Calculating risk is complex, but the two main variables are likelihood and impact: likelihood of occurrence and impact.
- Risk management is a complex process that is treated very differently in companies of different sizes and with different regulatory and compliance requirements.
Explore the principles and practices of risk management for business operations, including identifying critical systems, assessing vulnerabilities, and implementing security controls. Understand the complex process of calculating risk and the different approaches based on company size and regulatory requirements.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free
