Chapter 7
Information Security Risk Assessment: Reporting
Information in this chapter:
• Outline
• Risk Analysis Executive Summary
• Methodology
• Results
• Risk Register
• Report Template
Introduction
In an information security risk assessment, the compilation of all your results into the final information security risk assessment report is often as important as all the fieldwork that the assessor has performed. Some would even argue that it is the most important part of the risk assessment process. This is due to the fact that the final report and related derivative information (e.g. slide decks or summary memos) are the only deliverables that the stakeholders will see. It is essential to the credibility of your entire process that the final ...
Get Information Security Risk Assessment Toolkit now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.