Fundamentals of Risk Management in I.T.


Fundamentals of Risk Management In Information Security

East Carolina University Benjamin M. Woodworth July 12th, 2010


Abstract
This paper discusses some of the fundamental aspects of risk management in the field of information security. It starts with a general overview of the role that risk management plays in today’s businesses as they endeavor to keep information systems safe from potential threats and disasters. The overview is followed by discussions of risk identification and risk assessment. Once it is clear how risk is identified and assessed, the paper discusses various risk control strategies, along with documentation of the above-mentioned identification and assessment processes. Last but not least, the paper covers the very important process of cost-benefit analysis and, very briefly, two well-known best-practice methods for controlling risk: the OCTAVE method and Microsoft’s approach to risk management.


Introduction
The term risk refers to the probability or threat of a damage, injury, liability, loss, or other negative occurrence, caused by external or internal vulnerabilities, and which may be neutralized through premeditated action (BusinessDictionary, 2010). Risks are an inevitable part of the operation of all businesses in all parts of the world. No one is exempt from the possibility that something somewhere will go wrong at some point. Just about every aspect of a business involves some sort of risk. For a company to remain resilient and to run smooth, safe, and profitable operations, it must be prepared for anything that could go wrong. Risk management uses policies, procedures, and practices to identify, analyze, assess, control and mitigate potential...
