The costs of a data breach can be debilitating. It can lead to lost intellectual property, regulatory issues, or even bad press.
What is Risk Assessment?
Risk assessment is the determination of quantitative or qualitative estimate of risk related to a well-defined situation and a recognized threat (also called hazard). Quantitative risk assessment requires calculations of two components of risk (R): the magnitude of the potential loss (L), and the probability (p) that the loss will occur.
What is an Acceptable Risk?
An acceptable risk is a risk that is understood and tolerated usually because the cost or difficulty of implementing an effective countermeasure for the associated vulnerability exceeds the expectation of loss.
Why is risk assessment important?
Risk assessments are very important as they form an integral part of an Information Systems Management Plan.