Risk Management Planning and Implementation
Risk management is the continuous process of selecting, implementing, and monitoring threat countermeasures to maintain an acceptable level of risk at an acceptable cost. IIT begins the process with an assessment of an organization’s critical assets and the impact of their degradation, their vulnerability to exploitation, and the nature and likelihood of specific threats. This information is used to identify and evaluate risks and develop effective countermeasures to reduce that risk. This analysis enables the development of highly efficient, comprehensive Security Plans of Action that can be continuously evolved and improved to maintain effectiveness against the most complex and dangerous new threats.