Risk management is the process of discovering and assessing the risks to an organization’s operations and determining how those risks can be controlled or mitigated. This process involves discovering and understanding answers to some key questions with regard to the risk associated with an organization’s information assets.
Using your organization, or an organization you are familiar with, select an InfoSec risk in this organization in order to address the following in a 6-slide PowerPoint Presentation:
(a) Where and what is the risk (risk identification)
(b) How severe is the current level of risk (risk analysis)
(c) Is the current level of risk acceptable (risk evaluation)
(d) What is needed to bring the risk to an acceptable level (risk treatment)?
Be prepared to present your PowerPoint presentation (6 slides maximum) in no less than 15 minutes, but no more than 20 minutes.