Respond – Risk Mitigation Q4

Avoid the risk-Asset value higher than cost of control

  • Control: a safeguard or measure put in place to mitigate/minimize a risk
    • Logical-Computer related (access control-username and password, antivirus)
    • Physical-Key locks, badge readers, Armed guard, CCTV, etc.
    • A logical or physical control can be one of the following types:
      • Preventive-Badge reader, Username and password
      • Detective-CCTV
      • Deterrent-Armed guard
      • Corrective-Antivirus
  • Accept the risk-Do nothing (asset value lower than cost of control)
  • Transfer the risk-By insurance (cheaper than implementing control)

Residual Risk refers to the loss that remains after all the other known risks have been countered or eliminated

Monitor Risk

This phase involves the following:

  • Testing implemented controls on a regular basis
  • Conducting risk assessments on a regular basis to identify new threats and vulnerabilities, because the organization's environment is dynamic

TYPE OF RISKS

  • Strategic: Prevent accomplishment of mission and goal
  • Financial: Loss of Money
  • Reputational: Damage corporate image
  • Operational: Prevent business continuity