2016年11月20日 星期日

Risk Profile

The risk profile is determined by an organization's willingness to take risks as well as the threats to which it is exposed.

The risk profile should identify the level of risk to be accepted, the way risks are taken, and the way risk-based decision making is performed. Additionally, the risk profile should take into account potential costs and disruptions should one or more risks be exploited.

Referenced from The Official ISC2 Guide to the CCSP CBK.

沒有留言:

張貼留言