IT Examiner School

Risk Assessments

Process used to identify and understand risks to the confidentiality, integrity, and availability of information and systems. Consists of the identification and valuation of assets and an analysis of those assets in relation to potential threats and vulnerabilities, resulting in a ranking of risks to mitigate. Results are used to develop strategies to mitigate those risks.

Types of Risk Assessments

Gramm-Leach-Bliley Act (GLBA) / Information Security

Business Continuity Planning

Audit

Authentication

Encryption, Awareness Training, etc.

Cybersecurity

Third Parties
