Information Security Risk Assessment
Introduction A risk assessment is an important part of any information security process. A risk assessment is used to understand the scale of a threat to the security of information and the probability for the threat to be realized. The result of a risk assessment can be used to prioritize efforts to counteract the threats. The following scenarios illustrate how a risk assessment will assist in making information security decisions.