Risk assessment is also known as risk analysis. It deals with the threats, vulnerabilities, and impacts of a loss of information-processing capabilities or information itself. Each risk that can be identified should be outlined, described, and evaluated for the likelihood of it occurring. The key is to think out of the box. Conventional threats/risks are often too limited when considering risk assessment.
The key components of a risk-assessment process are outlined here:
Risks to Which the Organization Is Exposed This component allows you to develop scenarios that can help you evaluate how to deal with these risks if they occur. An operating system, server, or application may have known risks in certain environments. You should ...