
Risk Assessment and Management


Risk is a potential problem that has to be dealt with now and that can be avoided or mitigated.
Risk is a combination of the probability of an event and its consequence.

Risk has two attributes that must be evaluated:
  • Cause – any event, action, or inaction 
  • Effect – impact on achieving business objectives 
Risk has three forms which must be considered:
  • Inherent Risk – The risk within an account or a process without considering the effectiveness of internal controls 
  • Control Risk – The risk that internal controls will not be effective or timely 
  • Detection Risk – The risk that auditing procedures are not effective 

Risk assessment is the determination of quantitative or qualitative value of risk related to a concrete situation and a recognized threat. (Wikipedia)
It is a management tool that, in the context of information security management, is used to:
  • identify risks and threats
  • classify assets: information, technology
  • determine the level of vulnerability of the system
so that controls over the system can be applied effectively.