In this phase, you will start building the inventory of all your risks in the form of the Security Risk Register. This will allow you to combine all risks you have identified and have a view of the overall risk profile. This phase will take you through the following activities:
- Establish a risk register as part of the risk management program.
- Review the summarized results.
Use this phase as part of the full blueprint, Combine Information Security Risk Management Components Into One Program.