24

Explain elements of the risk management process

Introduction

This chapter covers the second objective in Domain 5.0, Security Program Management and Oversight, of the CompTIA Security+ exam.

In this chapter, we will look at the elements of effective security governance, investigating all the different stages of risk management, from identification to risk assessment and analysis, and look at calculating loss using Single Loss Expectancy (SLE), Annualized Rate of Occurrence (ARO), and Annualized Loss Expectancy (ALE). In the final sections, we will consider the purpose of risk registers, risk tolerance, and risk management strategies with risk reporting and Business Impact Analysis (BIA).

Risk is the probability that an event will happen, ...

Get CompTIA Security+ SY0-701 Certification Guide - Third Edition now with the O’Reilly learning platform.
