Page 46 - DCAP309_INFORMATION_SECURITY_AND_PRIVACY
Information Security and Privacy Manmohan Sharma, Lovely Professional University
Unit 4: Risk Analysis
CONTENTS
Objectives
Introduction
4.1 Risk
4.2 Risk Management
4.2.1 Internal Factors
4.2.2 External Factors
4.2.3 Steps Involved in Risk Management
4.3 Risk Analysis
4.3.1 Basic Principles of Risk Assessment
4.4 Approaches and Considerations
4.4.1 Acceptance
4.4.2 Avoidance
4.4.3 Transfer
4.4.4 Reduction
4.5 Summary
4.6 Keywords
4.7 Review Questions
4.8 Further Readings
Objectives
After studying this unit, you will be able to:
Understand the concept of risk management
Explain the concept of risk assessment
Discuss various approaches and considerations to risk analysis
Introduction
Most of us hate the idea of risk. While we collectively spend a great deal of time and money to
reduce it, we can never hope to eliminate it. The reason is that some amount of uncertainty is “built
in” to all aspects of the world around us. In fact, at the smallest level of physical reality, quantum
physicists must deal only in probabilities, as they cannot predict with certainty which events will
occur, or where or when they might occur. The very word “risk” tends to make us nervous, as it
portends the probability that something bad may happen to us. The word “happen” is also a clue
to our deep concerns about risk, because it indicates events that are out of our control.
In this unit we will discuss the concept of risk analysis and risk management.