Choosing the Best Risk-Assessment Approach
Every organization is unique in how it operates and maintains the confidentiality, integrity, and availability of its IT infrastructure and assets. The following are three basic approaches to conducting a risk and vulnerability assessment on an IT infrastructure and its assets:
Top-down approach— A top-down approach requires the existence of the corporate IT policies, standards, procedures, and guidelines. In addition, baseline configurations or minimum acceptable baseline configurations that have incorporated the minimum standard for security are required. With a security framework in place, it is easiest to commence with the vulnerability assessment, starting with these foundational documents. From ...
Get Inside Network Security Assessment: Guarding Your IT Infrastructure now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.