Process of identifying the risks to a system security and determining the probability of occurrence.

Security risk assessment enables management make risk-based decisions for the development of new controls or investment on resources to boost security of existing controls. Security Risk assessment is an essential part of the holistic security management process. Security risk management involves the process of ensuring that organisation’s risk posture falls within acceptable limits defined by senior management.

  •  Security Risk assessment involves analysing the effectiveness of the current security controls protecting the organisation’s assets, also determining the probability of losses to those assets
  • Determining the threats to the organisation’s assets
  • Review threat in relative to organisation’s security defences
  • Review critical systems and assets of value in relation to security controls and vulnerabilities
  • Determine the impact of expected losses
  • Recommendation for additional controls
  • Offer solution for deploying additional controls (technical, administrative, physical)