Reply To: OCU ISCAP A Week 01 Lesson 01 Discussion
Risk management is important since managing threats to assets is actively protecting a company’s valuable information. Threat agents, which could be a person who seeks to steal data or a malfunction in a system, could halt a company’s ability to do business and potentially put the company out of business. Working with management is the first step to evaluating acceptable risk and the costs willing to be spent to prevent critical data from exposure. Risk comes in the form of poor patching schedule, not enough training, among other reasons. Controls are set in place to countermeasure obvious flaws found in risk assessments, like firewall implementations and new access restrictions.
