RISK ASSESSMENT AND RISK MANAGEMENT
Robert V. Jacobson
62.1 INTRODUCTION TO RISK MANAGEMENT
62.1.1 What Is Risk?
The computer security community generally accepts the common dictionary definition of risk: “the possibility of suffering harm or loss.” The definition shows that there are two parts to risk: the possibility that a risk event will occur, and the harm or loss that results from occurrences of risk events. Consequently, the assessment of risk requires consideration of both factors: the frequency of threat events that ...