2023 IT Examiner School

Internal Use Only

Risk Assessment Types & Methodologies

Internal Use Only

Risk Assessments Process used to identify and understand risks to the confidentiality, integrity, and availability of information and systems. Consists of the identification and valuation of assets and an analysis of those assets in relation to potential threats and vulnerabilities, resulting in a ranking of risks to mitigate. Results are used to develop strategies to mitigate those risks.