As a large Fortune 500 company, it is extremely important that all measures against threats are managed properly. With the advancement in Information Technology, there are ways to manage security vulnerabilities and assess the level of risk to determine if the risk must be confronted or if it is an acceptable risk for the company. No matter how hard we try, risks will always be out there and that is why it is imperative that correct measures are taken to see the company’s vulnerabilities and to prevent exploitation.
A Security Risk Assessment is the very first step of a full risk analysis and involves many different steps. These assessments are created to help companies be proactive and help prevent threats. As the consultant, I will conduct the assessment and determines how probable it is that a specific risk may happen. A formal report will be given to explain the consequences of each risk present. The risks will also be rated based on the likelihood of the event and the severity of it. This will …show more content…
The scope of the plan is there to set boundaries so that the plan I will be focused and stay on task during the entire assessment. Here, the goals and objectives will be set and we will define the responsibilities within the risk assessment. We will also define the specific inclusions and exclusions of the project and determine the critical areas to be assessed. This will prevent scope creep where uncontrolled changes will happen and create additional requirements and potentially result in a missed deadline for the risk assessment or increased costs for services. If uncontrolled changes are brought to my attention that must be addresses, we will change the scope of the plan as necessary. The final step of setting of the scope of the assessment is to define the risk assessment methodologies that will be put in
A Security Risk Assessment is the very first step of a full risk analysis and involves many different steps. These assessments are created to help companies be proactive and help prevent threats. As the consultant, I will conduct the assessment and determines how probable it is that a specific risk may happen. A formal report will be given to explain the consequences of each risk present. The risks will also be rated based on the likelihood of the event and the severity of it. This will …show more content…
The scope of the plan is there to set boundaries so that the plan I will be focused and stay on task during the entire assessment. Here, the goals and objectives will be set and we will define the responsibilities within the risk assessment. We will also define the specific inclusions and exclusions of the project and determine the critical areas to be assessed. This will prevent scope creep where uncontrolled changes will happen and create additional requirements and potentially result in a missed deadline for the risk assessment or increased costs for services. If uncontrolled changes are brought to my attention that must be addresses, we will change the scope of the plan as necessary. The final step of setting of the scope of the assessment is to define the risk assessment methodologies that will be put in