Chapter 17

Performing the Business Risk Assessment

Abstract

A Business Risk Assessment reviews the risks to the agency mission and determines whether they are acceptable. Business risks affect the ability of an agency to achieve its mission. Conducting a Business Risk Assessment is a way of looking at the critical business functions from a legacy point of view, seeing business processes the way they were accomplished on paper, years ago, before computers came into existence. By determining business risk first, you will be better able to determine system risk.

Keywords

Business Risk Assessment; Mission map; Sensitivity model; Likelihood; Impact; Risk exposure; Natural disasters; Annualized Rate of Occurrence; Standard Annual Frequency Estimate; ...
