CHAPTER 2

IT Risk Assessment

In this chapter, you will:

•   Understand the role of risk assessments and risk analysis in the risk management life cycle

•   Learn about the techniques used to identify various types of risks

•   Become familiar with risk identification and risk analysis techniques such as threat modeling, vulnerability analysis, control deficiency analysis, root cause analysis, and risk scenario development

•   Understand the concepts and steps taken in a risk assessment

•   Be familiar with the role and structure of a risk register

•   Understand the concepts of inherent risk and residual risk

This chapter covers Certified in Risk and Information Systems Control Domain 2, “IT Risk Assessment.” The domain represents 20 percent ...
