Appendix G: Risk Assessment


Risk management is the process of selecting and implementing countermeasures to achieve an acceptable level of risk at an acceptable cost; beyond the cost–benefit analysis discussed previously in chapter “Understanding Forensic Readiness.” By examining in depth the potential threats faced by an organization, a better understanding of business risk can be gained that subsequently leads to identifying strategies, techniques, approaches, or countermeasures that reduce or mitigate impact. At a high level, this can be achieved by asking three basic questions:
• What can go wrong?
• What will we do?
• If something happens, how will we pay for it?
Thinking about these questions in context of a particular organization, ...

Get Implementing Digital Forensic Readiness now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.