The Drivers of the Information Security Business
Risk Management
Risk Identification
Define the risk
Understand expected impact
Probability of impact
How to mitigate it
Through risk register development
Risk analysis
Either qualitative or quantitative approach
Allows organizations to decide on which risks need their attention
Risk-response planning
Need to select strategies to address risks
A demonstration of examining risks
Risk monitoring and control
Appreciation of continuous change in conditions
Need for continuous monitoring of risks
About identifying and analyzing new risks
Business Impact Analysis
Business Continuity Plan
Is a plan to help organizations continue to operate during or after a disruption
Covers all functions of a business
IT systems
Facilities
Personnel
Disaster Recovery Plan
How an organization recovers from a disaster
Consists of:
Maximum Acceptable Outage
Recovery Time Objectives
Critical Business Function
Complying with C-I-A goals of IT infrastructure
Assess for risks
Determine business impacts
Create DRP and BCP