[Isabelle Tubbs]

Risk, which can be defined as the measure of threat to an asset, is important to an organization’s level of security. In order to protect assets, security measures should be put in place to reduce risks. These controls must be working well and properly addressing certain types of threats. Adding firewalls can add a software level of protection, and implementing guards and policies can further add to protection.
A threat is essentially an unfavorable action performed by some entity on an asset. Measuring assets and potential threats is a big part of creating a good risk assessment. It is meant to give a good understanding of what threats exist, what it could mean for the company, and ways to prevent or lessen the damage of these threats.
In total, risk management could be defined as a combination of good risk assessment, monitoring resources and systems, and trying to reduce risk.