Authors: Thomas R. Peltier
ISBN-13: 9781420062755, ISBN-10: 1420062751
Format: Hardcover
Publisher: Taylor & Francis, Inc.
Date Published: November 2008
Edition: (Non-applicable)
Successful security professionals have had to modify the process of responding to new threats in the high-profile, ultra-connected business environment. But just because a threat exists does not mean that your organization is at risk. This is what risk assessment is all about. How to Complete a Risk Assessment in 5 Days or Less demonstrates how to identify threats your company faces and then determine if those threats pose a real risk to the organization.
To help you determine the best way to mitigate risk levels in any given situation, How to Complete a Risk Assessment in 5 Days or Less includes more than 350 pages of user-friendly checklists, forms, questionnaires, and sample assessments.
Presents Case Studies and Examples of all Risk Management Components
Based on the seminars of information security expert Tom Peltier, this volume provides the processes that you can easily employ in your organization to assess risk.
Answers such FAQs as:
Always conscious of the bottom line, Peltier discusses the cost-benefit of risk mitigation and looks at specific ways to manage costs. He supports his conclusions with numerous case studies and diagrams that show you how to apply risk management skills in your organization—and it’s not limited to information security risk assessment. You can apply these techniques to any area of your business. This step-by-step guide to conducting risk assessments gives you the knowledgebase and the skill set you need to achieve a speedy and highly-effective risk analysis assessment in a matter of days.
Introduction
1 The Facilitated Risk Analysis and Assessment Process (FRAAP) 1
2 Risk Analysis (Project Impact Analysis) 57
3 Pre-Screening 67
4 Business Impact Analysis 81
5 Gap Analysis 99
App. A Facilitator Skills 111
App. B FRAAP Team Members 117
App. C Project Scope Statement 125
App. D Laws, Standards, and Regulations 129
App. E Frequently Asked Questions about Risk Management 131
App. F Risk Analysis versus Risk Assessment 137
App. G Sample Threat Checklist 143
App. H Sample BIA Questionnaire 153
App. I Sample Risk Assessment Management Summary Report 251
App. J Project Scope Statement 259
App. K Why Risk Assessments Fail 265
App. L Gap Analysis Examples 269
App. M Control Lists 399
App. N Heat Charts 423
Index 431