Finding the risk (Risk Identification)Process of self-examination is regarded as the first process for looking at risk.So there are risks for a search procedure to consideration as follows:1. create a list of information assets, consisting of hardware and software, information, processes, people, systems and networks. 2. the assets are divided into categories, with what it means to set the value of each asset of the technology. To consider to determine the value of assets that have the most value can be performed as follows: -Consider any information assets are critical to your organization's success. -Consider any information assets, causing the maximum profit. -Consider any information asset, the most expensive in the substitution. -Consider any information in the most expensive asset protection. -Consider any information asset, doing the most damage or make the most of the debt if a lost or stolen. 3. finding threats to assets. Search for assets that have weaknesses by searching for threats to the asset. Single 2.2 risk evaluation (Risk Assessment) Risk valuation to estimate the likelihood that potential vulnerability is multiplied by the value of information and assets, minus a percentage of reduced risk, plus the uncertainty of knowing the weaknesses.To increase efficiency in the risk assessment and the possibility that potential vulnerability has been assigned by the check box questions as follows:-What kind of threats to harm the Organization's assets in a given environment. -What kind of threats that are most harmful to the Organization's information assets. -How much amount that must be broken in order to restore the system from a successful attack which threats require submission of money set aside to prevent. For example, uncertainty about who can assess from experiences and decisions.2.3 the design and installation of security systems.2.3.1 the physical security (Physical Security)Physical security means to prevent unauthorized access to computer systems and physical network can be divided into 2 groups, one group is the group that causes a.
การแปล กรุณารอสักครู่..