Reply To: OCU C)DFE D Week 05 Discussion

Kevin Mehok

IST 2901 Digital Forensic Examiner
Week Five
Assignment #2
WK5 Three Steps Identification Discussion
Kevin Mehok

Hey Class,

In theory, this is much like Risk Management, right? We are protectors, but when something goes south, we need to have clear ways to identify the situation or situations.

Risk assessment is the name for the three-part process that includes:

Risk identification
Risk analysis
Risk evaluation

Let’s start with ‘identification’, shall we? Step one, our organization should conduct risk assessment in a systematic manner. Step two, we must perform risk assessment collaboratively, as a team effort, and involving different stakeholders. Step three, we should always take into account any ‘unique knowledge’ and views.

Okay, now that’s done, what’s next? Well, that is ‘risk analysis’. Here we must learn the nature of the risk(s). During risk analysis, we need to be sure to consider uncertainties, including those with possible negative and positive consequences. Each week, why do I feel like I am disciplining my kids? Please implement the following:
Sources of risk
Likelihood of events
The consequence of those events
The effectiveness of current controls
The effectiveness of potential future controls

Okay, finally, the last piece, Risk Evaluation. During risk evaluation, we should compare the results that our teams have come up with during our risk analysis and compare those to our organization’s existing risk criteria to determine if we need to do more to treat the risk(s) we’re assessing.

During risk evaluation, our organization may choose to:

Do nothing
Consider implementing other risk treatments
Reconsider your organization’s objectives
Return to the risk analysis phase to develop a more thorough understanding of the risk at hand

Outside the scope of digital policies, these Risk policies in my opinion almost serve perfectly.

That’s all I’ve got.

God Bless,



Please Note:

The support ticket system is for technical questions and post-sale issues.


If you have pre-sale questions please use our chat feature or email .

Cybersecurity Certifications for Today's INFOSEC Careers

Mile2 Cybersecurity Certifications is a world-leader in providing accredited education, training, and certifications for INFOSEC professionals. We strive to deliver the best course ware, the strongest Cyber Range, and the most user-friendly exam system in the market.


Our training courses follow our role-based Certification Roadmap. Plus, many of our classes include hands-on skill development in our Cyber Range.  We train students in penetration testing,disaster recovery, incident handling, and network forensics.  Additionally, our Information Assurance training certification meets military, government, private sector and institutional specifications.  



We've developed training for...

Canada Army Navy Airforce

The Canadian Department of National Defense


The United States Air Force

Defense Logistics Agency

A United States Counterintelligence Agency

Texas Workforce Commission

Texas Workforce Commission

error: Alert: Content is protected !!