Risk Assesment

Risk analysis

​

The purpose of the risk assessment is to evaluate the adequacy of organizations’ security. 
The risk assessment provides a structured qualitative assessment of the operational environment. It addresses sensitivity, vulnerabilities, risks and safeguards. 

The assessment recommends safeguards to mitigate threats and associated exploitable vulnerabilities.

 

Approach to provide the service

​

This risk assessment methodology and approach is conducted using the Defense In Depth methodology. 

The assessment evaluates security vulnerabilities affecting confidentiality, integrity, and availability.  The assessment recommends appropriate security safeguards, allowing management to make knowledge-based decisions about security-related initiatives Risk Assessment Process.

This section details the risk assessment process performed during this effort. The process is divided into two sections: pre-Assessment and assessment. 

​

 Phase I – Pre-Assessment

    Step 1: Identify business processes and define the assets

    Step 2: Data Collection

 

 Phase II – Assessment

   Step 1: Document Review

   Step 2: System Characterization

   Step 3: Vulnerability Identification 

   Step 4: Risk Determination (Calculation/Valuation)

 

 

Design the approaches above.