X hits on this document

Powerpoint document

HHS Cybersecurity Program Training Information Security for Information Technology (IT) Administrato... - page 110 / 158

474 views

0 shares

0 downloads

0 comments

110 / 158

U.S. Department of Health and Human Services

Risk assessment or risk analysis is a process of identifying risks to agency operations (including mission, functions, image, or reputation), agency assets, or individuals. The process incorporates threat and vulnerability analysis. It includes determining the probability that a security incident could occur, the resulting impact, and additional security controls that would mitigate this impact.

A risk assessment is a required part of a security documentation for Security Authorization. Risk assessments should be conducted during the initiation and development stage of the EPLC. Once the system is implemented, a risk assessment should be performed at least every three years or in the event of a significant change.

Page 2 of 9

System Security Testing

Risk Assessment

Document info
Document views474
Page views474
Page last viewedSun Dec 11 04:15:26 UTC 2016
Pages158
Paragraphs2058
Words16945

Comments