O'Reilly logo

Information Security Risk Management for ISO27001/ISO27002 by Steve Watkins, Alan Calder

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CHAPTER 10: IMPACT AND ASSET VALUATION

The successful exploitation of a vulnerability by a threat will have an impact on the asset’s availability, confidentiality or integrity. This may have consequences for the business, in terms of its actual operations, or from a compliance angle, or in relation to a contractual requirement. A single threat could exploit more than one vulnerability and each exploitation could have more than one type of impact. These impacts should all be identified.

Risk assessment involves identifying the potential business harm that might result from each of these identified impacts. The way to do this is to assess the extent of the possible loss to the business for each potential impact. One object of this exercise is to ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required