Can just anyone conduct a security risk assessment? The short answer is no; this type of project is very complex and requires a knowledgeable professional to perform such a critical function for an organization. There are several important considerations that you must weigh to determine the right person for this project. There is no doubt that an assessment can be complex and that it is a critical process that is geared toward reducing your liability exposure. However, if it is not performed correctly or by a knowledgeable professional, it may actually increase your risk for litigation. This chapter will compare both internal and external resources for such a project and walk you through the decision-making ...