This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Risk Assessment
Risk Assessment

Version management

Difference between version and

At line 1 added 25 lines
!!! Overview
[{$pagename}] is the determination of quantitative or qualitative estimate of [risk] related to a concrete situation and a recognized [threat] (also called an [Unfortunate event] or hazard). [{$pagename}] in a Quantitative manner requires calculations of the two components of risk (R):
* the [Magnitude of the Potential loss] (L) if the [Unfortunate event] does occur ([{$applicationname}] has also seen the term Impact)
* the [Probability of Loss] (p) that the [Unfortunate event] will occur within the [Threat landscape] ([{$applicationname}] have also seen the term Likelihood)
[{$pagename}] is calculating the chance that [Attackers] might succeed, so you know how much effort to spend defending against them. There may be many different ways that you might lose control or [access] to your [data], but some of them are less likely than others. [{$pagename}] means deciding which [Attacks] you are going to take seriously, and which may be too rare, too harmless, or [too difficult|Attack Effort] to combat to worry about. The [Risks] that are considered [Acceptable risk])
Within the [context] of [Information security] there are two types of [risk] that companies face:
* [Regulatory Risk]
* [Real Risk]
Of course these may overlap and any given [risk] may be both a [Real Risk] and a [Regulatory Risk]
!! [Threat Model]
[{$pagename}] is performed by creating a [Threat Model].
!! [{$pagename}] and [Authentication]
The [{$pagename}] for [Authentication] failure that would allow an [Unauthorized] [entity] [Access] to a [Protected Resource] is dependent on the [Magnitude of the Potential loss] of the [Protected Resource] or [Disclosure] or the [Protected Data].
The [Probability of Loss] occurrence appears to be high within the [Threat landscape]
[{$pagename}] within the [API Economy], where almost all [Protected Resources] are accessible in a programmatic method, and [Credential Leakage] may occur from many [DataStores] adds to the [Complexity] of [Authentication] !! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Risk Assessment|Wikipedia:Risk_assessment/|target='_blank'] - based on information obtained 2016-01-07
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop