Key Considerations in Conducting a Threat Assessment for Organizations

When conducting a threat assessment an organization should determine?

An organization should determine the following key factors:

  • Which threats require the least expenditure to prevent.
  • Which threats would cost the least to recover from if there was an attack.
  • Which threats represent the most damages to the organization's information.

Question:

Why is it important for an organization to identify the threats that would cost the least to recover from?

Answer:

Threat assessment includes in-depth analysis of a risk occurrence and its impact on the organization, both in financial and non-financial aspects are considered.

Explanation:

The last question listed is relevant to threat assessment because threat assessment is acknowledging what impact a particular outcome poses on the organization's operations or organization as a whole. Whereas the first question was of risk management procedure which talks about how a risk must be mitigated to ensure a safe future of the organization.

← Preventing fraud declining a suspicious transaction Why is accrued interest expense divided by 360 days instead of 365 days →