Accessing and Managing Security Risks

You can use the following simple process outline for accessing and managing security risks:

1. Set the scope.
2. Identify assets and determines their value.
3. Predict threats and vulnerabilities to assets.
4. Document the security risks.
5. Determine a risk management strategy.
6. Monitor assets.
7. Track changes to assets.

Adopted from the book Assessing Network Security by Ben Smith, David LeBlanc, Kevin Lam.