Premium Content

Access "Risk assessment methodology: Anatomy of the risk assessment process"

Charles Cresson Wood Published: 19 Dec 2012

Risk assessments provide a detailed report on the current state of your enterprise's security posture and create a road map for correcting deficiencies. They can be focused on specific aspects of your security infrastructure, such as the effectiveness of the protective measures around critical database servers; or they can be organization-wide evaluations, such as assessing the effectiveness of the overall security program. In either case, the risk assessment has two basic parts: technical and policy/procedures. Assessors often use methods such as penetration tests and vulnerability scans to measure the technical aspects of a security program. They'll measure how well your program patches vulnerable servers, maintains firewall rule sets and updates IDS signatures. They'll also show how easy or difficult it would be for a worm to infect your network or for a hacker to compromise data. Assessors will measure your organization's compliance with its own security policy, as well as laws, regulations and industry standards. Your risk assessment should first ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features

More Premium Content Accessible For Free