MODULE 6

IT Risk Assessment

Recall from Module 5 that risk is a combination of several elements: assets, vulnerabilities, threats, threat agents, likelihood, and impact. Although Module 5 discussed these elements in depth, you have not yet learned how to assess risk, and that’s the focus of this module. We will look at different methods for evaluating and assessing risk. We will look at calculating likelihood and impact factors, as well as how to frame risk response in light of our risk assessments.

Assessing Risk

Risk assessment is the process of evaluating likelihood and impact factors in conjunction with the risk elements previously discussed, such as threat, vulnerability, and assets. The purpose of assessing risk is to determine, as definitively ...

Get Mike Meyers' CompTIA Security+ Certification Guide (Exam SY0-401) now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.