• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 1. Assessing Risk > Risk Assessment Checklists

Risk Assessment Checklists

Following are some checklists that will help you assess your computer system’s risks. Table 1-1 is a sample inventory of what might be worth protecting on your system and to what degree those items might be at risk. Table 1-2 is a blank form. You can use it or create your own similar list to assess your overall risk. The Risk Checklist is simply a place to record and consolidate a list of the things you need to protect on your computer. Fill it with the following information:

  • What Am I Protecting?: List each thing you want to protect. You might have more than one entry for an item if it faces more than one risk.

  • Risk Number/Description: The name or number from Table 1-3 of the risk you assign to this entry.

  • Exposure: A value from 1 to 10 representing the exposure of the data to the risk listed (1 is low risk; 10 is high risk).

  • Cost: A value from 1 to 10 representing the cost of the loss of this data (1 is low cost; 10 is high cost).

  • Mitigation: A brief description of what you are doing to mitigate the risk to this item. You can fill this in as you read this book and learn about ways to protect your data.

  • Classification and Classification Value: If you are classifying your data, you can use these columns to record the classification of the data and the relative value assigned. I use Critical (value 10), Important (value 6), Replaceable (value 2), and Other (value 0).


PREVIEW

                                                                          

Not a subscriber?

Start A Free Trial


  
  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint