Risk analysis is the process of defining and analyzing the dangers to individuals, businesses and government agencies posed by potential natural and human-caused adverse events. In IT, a risk analysis report can be used to align technology-related objectives with a company's business objectives. A risk analysis report can be either quantitative or qualitative.
In quantitative risk analysis, an attempt is made to numerically determine the probabilities of various adverse events and the likely extent of the losses if a particular event takes place.
Qualitative risk analysis, which is used more often, does not involve numerical probabilities or predictions of loss. Instead, the qualitative method involves defining the various threats, determining the extent of vulnerabilities and devising countermeasures should an attack occur.
This was last updated in October 2010
Email Alerts
Register now to receive SearchMidmarketSecurity.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States.
Privacy
Dig Deeper
-
You don't have to rely on Adobe's Acrobat Reader as your only PDF viewer; Google Chrome provides a secure PDF viewer that cuts down on your chances of falling victim to a PDF exploit.
-
Security researchers from Trustwave's Spiderlabs research team demonstrated malware,--including a Windows credential stealer--that uses automated processes to avoid detection and dupe forensics investigators.
-
Social engineering attacks trick users into installing rogue security software. Users need to be educated to avoid falling prey, and IT needs the tools to remove the fake security software.
-
People who read this also read...
-
Resources from around the Web