CHAPTER 3
Information Security Risk Assessment
In this chapter, you will learn about
• Benefits and outcomes of an information risk management program
• Developing a risk management strategy
• Risk assessment and risk management standards and frameworks
• The risk management life-cycle process
• Vulnerability and threat analysis
• Integrating risk management into an organization’s practices and culture
• The components of a risk assessment: asset value, vulnerabilities, threats, and probability and impact of occurrence
• Qualitative and quantitative risk analysis
• The risk register
• Risk management in other business processes
This chapter covers Certified Information Security Manager (CISM) Domain 2, “Information Security ...
Get CISM Certified Information Security Manager All-in-One Exam Guide, Second Edition, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
