Directory of services/software for ISO 17799 audit  
ISO 17799 compliance, ISO17799 implementation and security risk analysis  
A launch pad for iso17799 security needs  

 The ISO 17799 Directory: Services & Software for ISO 17799 Compliance, ISO 17799 Audit, ISO17799 Implementation & Security Risk Analysis Contact Us Front Page

What is: Security Risk Analysis?

This question prompts a variety of different, sometimes conflicting, answers. One reason for this is that there are a number of distinct and separate benefits obtained by performing the exercise itself.

The classical definition of Risk Analysis is one that describes it as a process to ensure that the security controls for a system are fully commensurate with its risks.

This description is reasonable, at the highest level. However, as there are so many other advantages to be gained from employing a fully comprehensive methodology, the objectives are sometimes related to these.

In addition, there are questions relating to HOW security reviews are to be conducted, at what cost, with what detail of recommendation, and so on.

The Next Step

For more information on security risk analysis, some background details, and an introduction to one of the worlds leading solutions, 'Introduction to Security Risk Analysis' is an excellent start point