We have implemented a formal risk assessment procedure to identify threats and vulnerabilities that could negatively impact the security of sensitive information.
Our risk assessments include the following core activities:
- Identifying critical assets
- Identifying threats to critical assets
- Identifying vulnerabilities, both organizational and technological, that could potentially expose critical assets to those threats, resulting in risk to the organization
- Developing a risk strategy and risk mitigation plan to address identified risks in support of the organization’s mission and priorities
Related Topics
Implementation, Support and Training