Risk assessment is the process of identifying vulnerabilities and threats to
an organization’s information resources or IT infrastructures in achieving
business objectives and deciding what counter measures, if any, to take in reducing
the level of countermeasures and deciding which, if any, to take in reducing
risk to an appropriate acceptable level, based on the value of the information
resource to the organization.
A follow up to “Risk Management on IS”, this document takes a detailed
look at developing and implementing a risk management & assessment method
to safeguard & protect Information System assets of an organization.
This document is in pdf format. To
view it click here.