IT departments are tasked with new projects and initiatives but are often unsure how to assess the risk with these. There are many frameworks out there, but companies often focus on informal discussions to assess the risk.

This phase will help you develop a methodology for conducting threat and risk assessments by first assessing risks given current mitigating controls in place, then reassessing those risks with proposed controls in place.

By following this process, you will be able to assess your risk on a per-project basis. After completing this once, you will have a repeatable process in which to conduct assessments for future projects.

Use this phase as part of the full blueprint, Combine Information Security Risk Management Components Into One Program.

Also In

Combine Security Risk Management Components Into One Program

With great risk management comes a great security program.

Related Content

Hide Details

Search Code: 88023
Published: March 22, 2019
Last Revised: March 22, 2019


Get Access

Get Instant Access
To unlock the full content, please fill out our simple form and receive instant access.
Visit our COVID-19 Resource Center and our Cost Management Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019