Chapter 3

The Risk Management Lifecycle

Information in this Chapter

Stages of the Risk Management Lifecycle

Business Impact Assessment

A Vulnerability Assessment Is Not a Risk Assessment

Making Risk Decisions

Mitigation Planning and Long-term Strategy

Process Ownership

Introduction

If you think about risks in your own organization, you might think about a weakness that is found during the software development process, an unknown dependency that is discovered during a disaster, or maybe a manual process that is prone to human error. In all these cases, the risk will certainly change and evolve over time. You may assess that exposure as being a critical level risk to the organization today, but in 6 months the risk may be reduced ...

Get Security Risk Management now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial