Up One Level

Information Security Risk Assessment


An Information Security Risk Assessment is an initiative which identifies :-

  1. the nature and value of the Information Assets or Business Assets
  2. the threats against those assets, both internal and external
  3. the likelihood of those threats occurring
  4. the impact upon the organisation.

Risk is defined as a danger, possibility of loss or injury; and the degree of probability of such loss. Before introducing Information Security safeguards, you must be aware of the dangers to which you are exposed, the risks and likelihood of such events taking place, and the estimated impact upon your organisation were each to actually occur.

In order to determine the overall level of Information Security safeguards required, you should consider performing a comprehensive Information Security Risk Assessment.

*** The Information Security Glossary ***
Previous PageTop of this pageNext Page

Buy Now:


This Glossary forms part of the RUsecure Security Policy Suite... visit RUsecure Security Policy World
Use of the guidance contained within RUsecure™ is subject to the End User Licence Agreement
This site created with EasyHTMLHelp(tm) for MS Word
 Risk Associates: Resources for Security Risk Analysis, ISO 17799 / BS7799, Security Policies and Security Audit