A Security Risk Assessment is the very first step of a full risk analysis and involves many different steps. These assessments are created to help companies be proactive and prevent threats. As the consultant, I will conduct the assessment and determine how probable it is that a specific risk may happen. A formal report will be given to explain the consequences of each risk present. The risks will also be rated based on the likelihood of the event and its severity. This will …
The scope of the plan is there to set boundaries so that I will be focused and stay on task during the entire assessment. Here, the goals and objectives will be set and we will define the responsibilities within the risk assessment. We will also define the specific inclusions and exclusions of the project and determine the critical areas to be assessed. This will prevent scope creep, where uncontrolled changes happen and create additional requirements, potentially resulting in a missed deadline for the risk assessment or increased costs for services. If uncontrolled changes that must be addressed are brought to my attention, we will change the scope of the plan as necessary. The final step of setting the scope of the assessment is to define the risk assessment methodologies that will be put in