The purpose of this document is to provide an overview of the process involved in performing a threat and risk assessment. There are many methodologies that exist today on how to perform a risk and threat assessment. There are some that are "open-source" and those that are proprietary. The outcome or objective of a threat and risk assessment is to provide recommendations that maximize the protection of confidentiality, integrity and availability while still providing functionality and usability. In order to best determine the answers to these questions a company or organization can perform a threat and risk assessment. This can be accomplished using either internal or external resources. It is important that the risk assessment be a collaborative process, without the involvement of the various organizational levels the assessment can lead to a costly and ineffective security measure.
Read Entire Paper
E-Mail Link
Your IP address will be sent with this e-mail
