4.0 Assessments & Audits
4.1 Risk assessments and implementing risk mitigation.
Identifying potential risks and deploying ways to prevent said risks through mitigation, assignment and acceptance are an important part of any company or organization’s security. Without thorough assessments and audits, it will be extremely challenging to properly secure a network and computer systems. The fact is that there is no surefire way to completely secure a network. Though, assessments and risk mitigation skills can be used to help provide the best possible security system.
Risk assessment is used to help limit the number of risks that a company has to face. This often involves finding out the threats that the system or network has and finding ways to minimize them. It is also extremely important to look and patch any vulnerabilities that may exist. Vulnerabilities can be found easily and when they are not taken care of properly, your entire network is at risk.
There are several different formulas for analyzing risks: ALE (Annual Loss Expectancy), ARO (Annualized Rate of Occurrence), SLE (Single Loss Expectancy), and EF (Exposure Factor). Know what these risk assessments are and how you would go about implementing them for risk mitigation. For the test, be aware of these formulas and know what they are used for. For example, know what the annual loss expectancy is and how it relates to risk. You’d want to know that ALE deals with dollars and the monetary amount that could potentially be lost to a certain risk.
No comments:
Post a Comment