Question

Why is performing a risk assessment needed along with performing a security assessment?   

Why is performing a risk assessment needed along with performing a security assessment?   

Homework Answers

Answer #1

Organizations have so many reasons for taking risk assesment along with performing a security assesment and we call it "Performing a Security Risk Assessment". Although the core goal remains same for every IT security risk assesments i.e identify the risks and quanitfy them. But different IT security risk assesments can vary greatly in terms of method and scopes.

Reasons for Performing a Security Risk Assessment

Cost justification: To justify the cost of overall souces and expenditure.

Productivity: To improve security.

Breaking barriers: To reduce the different work culture of management and IT staff.

Self-analysis: Making it easy and friendly to use.

Communication: To boost commuication.

Know the answer?
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Not the answer you're looking for?
Ask your own homework help question
Similar Questions
The purpose of this assignment is to develop an information security risk assessment report for an...
The purpose of this assignment is to develop an information security risk assessment report for an organization. Using Kaiser Permanente as an example develop a risk assessment report with the following. 1) Executive Summary of the risk assessment report 2) Methodology Organizational Assessment System Specific Assessment 3) Results Organizational Risk Analysis, including review of emerging threats and trends, third-party assessments, and security metrics. System Specific Analysis, including system characterization, threat identification, vulnerability identification, impact analysis, control analysis, likelihood determination, risk...
Concepts: security breach, security risk assessment, HIPAA violation related to data security, organizational database security, and/or...
Concepts: security breach, security risk assessment, HIPAA violation related to data security, organizational database security, and/or information security network. Explain how a health care organization could or did get impacted by a type of security and the implications to the organization. How would you prevent this from occurring at your organization?
Discuss the inherent risk assessment of the following items and explain why the auditor asses these...
Discuss the inherent risk assessment of the following items and explain why the auditor asses these inherent risks as high or low: - Inherent Risk Assessment – Prepaid Expenses   [1.25 marks] - Inherent Risk Assessment – Intangible Assets   [1.25 mark
List and describe the required tools needed for an effective assessment. What are some common mistakes...
List and describe the required tools needed for an effective assessment. What are some common mistakes and errors that occur when preparing for a security assessment?
Explain the reason why an accident investigation and risk assessment is conducted. (10)
Explain the reason why an accident investigation and risk assessment is conducted. (10)
Detaily expain the purpose of performing a head- to- toe assessment.
Detaily expain the purpose of performing a head- to- toe assessment.
Why is it so hard to do a believable risk assessment for human space flight systems?
Why is it so hard to do a believable risk assessment for human space flight systems?
If the auditor’s assessment of audit risk is low (e.g., 1% rather than 5%), what is...
If the auditor’s assessment of audit risk is low (e.g., 1% rather than 5%), what is the effect on the amount of substantive testing performed by the auditor? a. Increase in substantive testing. b. Decrease in substantive testing c. No change in substantive testing. Which of the following is the control is not effective and would likely change the auditor’s planned assessment of control risk in performing tests of account balances? a. Tolerable failure rate. b. Allowable risk of assessing...
Is it true that U.S. Treasury security is risk free? Why is it that municipal bonds...
Is it true that U.S. Treasury security is risk free? Why is it that municipal bonds are not taxed at the federal level, but are taxable across state lines? Why is it that U.S. Treasury bonds are not taxable at the state level?
Which of the following BEST describes a government –wide standard for security Assessment and Authorization (A&A),...
Which of the following BEST describes a government –wide standard for security Assessment and Authorization (A&A), and continuous monitoring for cloud products and services, which is mandatory for federal agencies and Cloud Services Providers (CSP)? Federal Risk and Authorization Management Program ( FedRAMP) National Institute of Standards and Technology (NIST) Federal Information Technology Acquisition Reform ACT (FITARA) National Cyber Security Program (NCSP)
ADVERTISEMENT
Need Online Homework Help?

Get Answers For Free
Most questions answered within 1 hours.

Ask a Question
ADVERTISEMENT