In order to successfully manage risk, one must understand risk itself and the assets at risk. The
Question:
In order to successfully manage risk, one must understand risk itself and the assets at risk. The way one goes about managing risk will depend on what needs to be protected, and from what to protect it.
Discuss at least three rationales for performing an information systems security risk assessment.
Explain the differences in quantitative, qualitative, and hybrid information systems risk assessment and describe the conditions under which each type is most applicable.
Describe the type of information that is collected to perform an effective information systems security risk assessment. Include at least three different types.
Describe at least five common tasks that should be performed in an information systems security risk assessment.
Financial Markets and Institutions
ISBN: 978-0077861667
6th edition
Authors: Anthony Saunders , Marcia Cornett