📄️ Overview
A Risk Assessment is a process to identify potential hazards and analyze what could happen if a hazard occurs. A business impact analysis (BIA) is the process for determining the potential impacts resulting from the interruption of time-sensitive or critical business processes. It is important to perform a risk assessment to understand the potential risks to your business and to identify the measures that can be taken to mitigate those risks.
📄️ Risk Assessment
Every organization should be performing some type of Risk Assessment. Risk Assessments can vary in nature and degree. However, they should lay out risks from both a business and technical perspective. Oftentimes you'll encounter that organizations are not performing a risk assessment at all.
📄️ Risk Mitigation
After both the business and technical risk assessments have been conducted. You will need to then review the findings and assign a risk score based upon your own defined matrix. Next you will need to Mitigate that risk, or put in place a compensating control to limit risk exposure.