12 Security Risk Assessment Reporting

To the customer of the security risk assessment, the project is not complete until it is documented. One of the most important elements of the security risk assessment effort is the reporting of the results. The security risk assessment team may have a clear understanding of the risks to the organization and the safeguards that should be employed, but that information must be conveyed to the organization in a clear and effective manner.

Recall that a security risk assessment is an objective analysis of the current security controls effectiveness to protect an organization’s assets and a determination of the probability of losses to those assets. The goal of the security risk assessment is to provide information ...

Get The Security Risk Assessment Handbook, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.