How to handle requirements for risk assessment methodologies



Over time, the information security/risk management profession has developed a variety of methods for assessing risk within an organization. These methods often reflect the conditions and objectives of the organization being assessed (as understood by the assessor), the prevailing practices within the profession at the time, the experience and knowledge level of the assessor(s), as well as any bias or agenda the assessor(s) might bring to the table. Another important factor that has often played a role is the definition of “risk” as used within the methodology. As a result of these variables, risk assessment results have varied widely in terms of consistency, accuracy, and utility to management. This Guide seeks to identify and articulate the characteristics that make up effective risk assessment methodologies, thus providing a standard set of guidelines for risk assessment methodologies.

Vendor: ComputerWeekly.com
Posted: 24 Oct 2011
Published: 25 Nov 2010
Format: PDF
Length: 28 Page(s)
Type: White Paper
Language: English