
5. Risk assessment 

This chapter of the Toolkit is devoted to the subject of information security risk assessment and management. Information risk management is important because organisations cannot avoid being exposed to information risk. It forms part of three stages in the Toolkit Route map: Stage 2 – Planning, assessment and evaluation; Stage 3 – Implementation, support and operation; and Stage 4 – Performance, evaluation and improvement.

Within this chapter, a methodology for information risk assessment is described, as well as some of the key considerations involved when carrying out information security risk assessment.

Key topics
  • Why information security risk assessment is important
  • The key steps in carrying out an information security risk assessment
  • How to decide the appropriate cost of mitigating an information risk

[PDF] Chapter 5 Risk assessment
[PDF] Resources for Chapter 5
