Chapter 7

Information Security Risk Assessment: Reporting

Information in this chapter:

• Outline

• Risk Analysis Executive Summary

• Methodology

• Results

• Risk Register

• Report Template

Introduction

In an information security risk assessment, compiling all your results into the final information security risk assessment report is often as important as all the fieldwork that the assessor has performed. Some would even argue that it is the most important part of the risk assessment process, because the final report and related derivative information (e.g. slide decks or summary memos) are the only deliverables that the stakeholders will see. It is essential to the credibility of your entire process that the final ...
