Security Risk Assessment

What is security risk assessment? Why go in for security risk assessment? These questions prompt a whole variety of varying and at times, conflicting answers. A good reason for this is that there are several separate, yet very distinct benefits that are obtained by performing the exercise. A classical way to describe security risk assessment is that it is a process that ensures the security controls of a system are adequate, along with its risks.

This description is quite acceptable, however, at the highest level. Nevertheless, since there are so many different advantages to implementing an entirely comprehensive methodology, the objectives can be related to these.

What’s more, there are many questions with regards to ‘how’ security reviews are meant to be conducted, with what detail of recommendation, at what cost and so on.

Benefits Obtained from the Application of Security Risk Assessment

Explore some of the benefits of Security risk assessment:

  • Cost Justification – Added security will always involve additional expense. Since this does not generate any kind of income, it must always be justified, that is in financial terms. The security risk assessment process should automatically and directly generate justification for security recommendation in terms of business.
  • Productivity – Risk assessment should always boost the productivity of the audit or security team. By formalizing a review, creating a review structure, collecting security knowledge within the system’s ‘knowledge base’ and implementing ‘self-analysis’ features, it can be more productive.
  • Breaking Barriers – Security must be addressed to both the IT staff as well as the business staff. The management staff is responsible for making decisions that relate to the security level. The IT staff on the other hand, is responsible for making decisions that relate to specific applications and controls. 
  • Self-Analysis – The security risk assessment system must always be simple enough to use, without the need for any security knowledge or IT expertise. This will allow security to be used in more and more areas and to become more involved. It allows security to become a bigger part of the organization’s culture.
  • Communication – By acquiring information from other parts of a business unit, a security risk assessment boosts communication and expedites decision-making.

Please Read This Once - Ordering Documents - ERIC Search Strategies - ERIC Education Search
Education Resources - Education Information - Department of Education - Adult Education Resources
Spanish Education - German Education - Chinese Education - Special Education Resources
ERIC Database Information - Education Resources Information Center

ERIC Resource Directory - Search ERIC Database - Spanish ERIC Resources

About ERIC - Search Eric Sitemap

Drag this Search ERIC link to your link bar.


Educational Resources - Gay / Lesbian Adolescents - Gay / Lesbian Resources - Being Gay in School



© SearchERIC 2000 - Present