Course name: information security and risk management
1. Discuss the critical components of a risk assessment, and why they are so important to include in the planning and execution.
2. Our text book discusses the probability scale (see p. 121) being low, medium and high. Are there other scales used in the private industry? From your research, do they match in content to the one referred to in our textbook?
3. Explain when you believe a qualitative risk assessment would be more appropriate to perform, rather than a qualitative.
4. What are some challenges we may face when executing a risk assessment?
5. Discuss some of the best practices in use for a risk assessment and why they are important.
TextBook: Gibson, Darril. Managing Risk in Information Systems, 2nd edition. Burlington, MA: Jones & Bartlett, 2015
I have attached the textbook content. Please answer to each question