3 Project Definition

A security risk assessment project can mean many things to many people. If the security risk assessment team and the security risk assessment consumer (or other stakeholders) do not share a common meaning, it is difficult to ensure a successful project. Within the context of this book, a security risk assessment is defined as:

An objective analysis of the effectiveness of the current security controls that protect an organization’s assets and a determination of the probability of losses to those assets.

Various regulations, guidelines, and other information sources sometimes call the security risk assessment by another name. Terms used include security audit, risk assessment, security testing, and so ...
