Monday, December 1, 2008

Security Definitions - Risk Assessment

Risk Assessment - a qualitative or quantitative review of the likelihood of a threat agent taking advantage of a vulnerability. Some security-related examples of vulnerabilities are:

  • Open ports on a firewall
  • Not upgrading to new OS version
  • Not applying a software patch

Basic Security Steps of Risk Assessments:
  1. Identify and prioritize assets
  2. Identify vulnerabilities
  3. Identify threats and the probability of each occurring
  4. Identify countermeasures
  5. Develop a cost benefit analysis
  6. Develop security policies and procedures
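
Steps 1 to 5 carried through quantitatively for the three examples listed above, as an added example that is not part of the original post. It uses the standard annualized loss expectancy model (loss per incident times expected incidents per year), which the post does not name; every asset, value, probability and cost is a constructed figure.

```python
from dataclasses import dataclass

@dataclass
class Risk:
    asset: str            # step 1: what is being protected
    asset_value: float    # step 1: value used to prioritize (constructed)
    vulnerability: str    # step 2
    exposure: float       # fraction of asset value lost per incident
    rate: float           # step 3: expected incidents per year
    countermeasure: str   # step 4
    cm_cost: float        # yearly cost of the countermeasure
    rate_after: float     # expected incidents per year once it is in place

    def ale(self, rate=None):
        """Annualized loss expectancy: loss per incident x incidents per year."""
        r = self.rate if rate is None else rate
        return self.asset_value * self.exposure * r

    def net_benefit(self):
        """Step 5: loss avoided per year minus what the countermeasure costs."""
        return self.ale() - self.ale(self.rate_after) - self.cm_cost

# Constructed figures, one entry per example in the post.
RISKS = [
    Risk("file server", 50_000, "Not upgrading to new OS version", 0.4, 0.1,
         "upgrade the OS", 5_000, 0.02),
    Risk("customer database", 200_000, "Open ports on a firewall", 0.5, 0.2,
         "close unused ports", 1_000, 0.05),
    Risk("web server", 80_000, "Not applying a software patch", 0.25, 0.5,
         "apply the patch", 500, 0.1),
]

def assess(risks):
    """Rank risks by current ALE and decide on each countermeasure."""
    rows = []
    for r in sorted(risks, key=Risk.ale, reverse=True):
        decision = "implement" if r.net_benefit() > 0 else "accept risk"
        rows.append((r.vulnerability, round(r.ale(), 2),
                     round(r.net_benefit(), 2), decision))
    return rows

if __name__ == "__main__":
    for vuln, ale, net, decision in assess(RISKS):
        print(f"{vuln:32} ALE={ale:>9.2f} net={net:>9.2f} -> {decision}")
```

With these figures the OS upgrade costs more per year than the loss it avoids, so the cost-benefit step flags it for acceptance or a cheaper countermeasure, while the other two pay for themselves.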

