Managing Risk

Risk management attempts to identify, assess, and mitigate risks to an acceptable level for the organization. The two key components of risk are threats and vulnerabilities, so these are the two key components addressed when attempting to manage risk. It’s important to realize that risk management is an ongoing process. Threats constantly change and evolve and they must be addressed as they occur, to ensure the organization is not vulnerable to new and emerging threats.

The overwhelming majority of threats cannot be reduced, but you can reduce the impact of threats and reduce vulnerabilities. For example, you can’t stop a hurricane or an earthquake. However, you can reduce the impact of these natural threats by taking additional ...

Get SSCP Systems Security Certified Practitioner All-in-One Exam Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.