Combine Security Risk Management Components Into One Program – Phase 2: Conduct Threat and Risk Assessments

Author(s): Sean Thurston, Filipe De Souza, Ian Mulholland, Cameron Smith

1 Download

Get Instant Access
To unlock the full content, please fill out our simple form and receive instant access.

IT departments are tasked with new projects and initiatives but are often unsure how to assess the risk with these. There are many frameworks out there, but companies often focus on informal discussions to assess the risk.

This phase will help you develop a methodology for conducting threat and risk assessments by first assessing risks given current mitigating controls in place, then reassessing those risks with proposed controls in place.

By following this process, you will be able to assess your risk on a per-project basis. After completing this once, you will have a repeatable process in which to conduct assessments for future projects.

Use this phase as part of the full blueprint, Combine Information Security Risk Management Components Into One Program.

Related Content

Visit our Exponential IT Research Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019