Threat Assessments
A threat assessment identifies and evaluates potential threats. The goal is to identify as many potential threats as possible and then evaluate the threats. One important element is an estimate of a threat’s frequency.
Risk assessments and threat assessments have one common characteristic, time. A risk assessment is performed at a specific time. Risks that exist today may not exist in a year. Similarly, a threat assessment is performed at a specific time. The threat assessment evaluates current threats in the existing environment.
NOTE
Threat assessments will not always be complete. A listing of all potential threats will ...
Get Managing Risk in Information Systems, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
