Options
assessing risk and vulnerabilities
When assessing risk and vulnerabilities with any IT system, what are the 'critical' elements?
Comments
-
Options
Turgon
Banned Posts: 6,308 ■■■■■■■■■□
When assessing risk and vulnerabilities with any IT system, what are the 'critical' elements?
That most likely depends on what you define as risk and vulnerability. A system may be potentially vulnerable to attack but if the risk is low and the risk of mitigating or eliminating that vulnerability is high in the sense of possibly screwing up the system then you have a critical element that goes beyond the device itself i.e the impact of system loss. You also have the cost of reducing risk. Its an interesting subject that goes around in circles unless you have some kind of template in mind to help with assessments. I imagine that is what you are looking for and it will vary from standard to standard. Financial risk, operational risk, business continuity risk, security risk. -
Options
eMeS
Member Posts: 1,875 ■■■■■■■■■□
When assessing risk and vulnerabilities with any IT system, what are the 'critical' elements?
There are potentially many ways to answer this, but I think what you're looking for as the critical elements of risk are:
1. The asset(s) to be protected
2. The potential threats to those assets
3. The path that the threat takes, or the specific vulnerability
As you've asked it, it kinds of sounds like a school question...is this for some assignment or something?
MS -
Optionsqwertyiop
Member Posts: 725 ■■■□□□□□□□
There are potentially many ways to answer this, but I think what you're looking for as the critical elements of risk are:
1. The asset(s) to be protected
2. The potential threats to those assets
3. The path that the threat takes, or the specific vulnerability
As you've asked it, it kinds of sounds like a school question...is this for some assignment or something?
MS
Its just a question that came up in one of my classes and everyone had such diffrent answers so I just wanted to see what you guys had to say