O'Reilly logo

Managing Risk in Information Systems by Darril Gibson

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 5. Defining Risk Assessment Approaches

A RISK ASSESSMENT IS PERFORMED to identify the most serious risks. Earlier chapters in this book presented risk management techniques. These included avoid, transfer, mitigate, or accept. The risk assessment allows you to prioritize the risks. You manage the high-priority risks and accept the low-priority risks. The risk assessment also helps you identify the best methods to control the risks. This helps ensure the controls you purchase provide the best benefits.

There are two primary methods used to create a risk assessment, quantitative and qualitative. You can use a quantitative method with predefined formulas. For example, you can calculate annual loss expectancy (ALE) by multiplying annual rate ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required