This blog was written by a third-party author.
What is a security risk assessment?
A security risk assessment is a formal method for evaluating an organization’s cybersecurity risk posture. Comprehensive security risk assessments take stock of business objectives, existing security controls, and the risk environment in which the business operates. When done well, the assessment identifies security gaps in existing controls as compared with industry best practices. Assessments then prioritize opportunities to close the gaps based on the significance of the cyber risk to which they expose the business.
Security risk assessments provide a foundational starting point and an ongoing yardstick for developing a risk-based cybersecurity program. Systematically documenting technical and process deficiencies and scoring them by the potential to materially impact ongoing business missions lays the groundwork for:
Holding meaningful discussions with executives on the business implications of security risk
Providing the waypoints for disciplined investment in…
Posted by: Ericka Chickowski
The post Security risk assessments explained appeared first on Cybersecurity Insiders.
August 25, 2020 at 09:10PM