9.2. Identify the Impact of Threats to Critical Assets
Risk broadens the view of threat by considering how threats ultimately affect an organization. In this activity, you create and record narrative descriptions of potential impacts that can result from threats to your critical assets. As you do this, you establish the link among assets, threats, and what is important to your organization (i.e., your business objectives), providing you with a basis on which you can analyze your risk.
Step 1: Review Information
Before you work though the steps in this activity, you need to review information about your critical assets. This is important, because you are building on information from process 4, which you probably completed a while ago. Specifically, ...
Get Managing Information Security Risks: The OCTAVESM Approach now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.