O'Reilly logo

Managing Risk in Information Systems, 2nd Edition by Gibson

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CHAPTER

11

Turning Your Risk Assessment into a Risk Mitigation Plan

ONCE THE RISK ASSESSMENT IS COMPLETE and approved, the next step is to create a risk mitigation plan. This plan will implement the approved countermeasures. If much time has passed since the risk assessment was completed, you may have to check some of the findings to ensure they are still valid. For example, some threats or vulnerabilities may have disappeared.

A significant part of the risk mitigation plan is the identification of costs. Ideally, the risk assessment will already have identified the costs, but some hidden costs may have been overlooked. If you discover additional costs, you’ll need to recalculate the cost-benefit analysis. Lastly, it’s important to ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required