Risk analysis Flashcards
1
Q
What is a definition for risk?
A
The possibility to suffer harm or loss
2
Q
What are three distinguishing characteristics of a risk?
A
- the associated loss
- the likelihood that the event will occur
- the degree to which the event can be influenced
3
Q
Name 4 strategies for handling risk
A
Avoiding, mitigating, transferring, assuming
4
Q
What is risk analysis?
A
Risk analysis is the process of examining a system and its operational environment to determine possible exposures and the possible harm they can cause.
5
Q
What is risk management?
A
Risk management then involves the identification, selection and adoption of security measures justified by:
- the identified risk to assets
- the employment of measures to reduce the risk to an acceptable extent
- the cost of these measures
6
Q
What are the 6 steps of qualitative risk analysis?
A
- Determine the scope, identify assets, assemble team
- Identify threats and vulnerabilities
- Prioritize threats, determine impact priorities and total threat impact
- Identify safeguards
- Cost-benefit analysis and prioritization of safeguards
- Report