Addendum E: Risk Assessment

Introduction

Risk management is the process of implementing countermeasures to achieve an acceptable level of risk; at an acceptable cost. By examining (in-depth) the potential threats faced by an organization, a better understanding of business risk can be gained that will lead to identifying strategies, techniques, approaches, or countermeasures that reduce or mitigate impact. Generally, this can be achieved by asking three basic questions:

•  What can go wrong?

•  What will we do?

•  If something happens, how will we pay for it?

Thinking about these questions in context of an organization, it might become clear that there are some areas where risk management could be applied, such as weaknesses in the software development ...

Get Implementing Digital Forensic Readiness, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.