This preview shows page 1. Sign up to view the full content.
Unformatted text preview: additional controls first? Which vulnerability should be evaluated last? n.b. the formula for risk is: (The likelihood of the occurrence of a vulnerability) * (The value of the information asset) - (The percentage of risk mitigated by current controls) + (The uncertainty of current knowledge of the vulnerability). See pages 295-298 of your text. 2. Using the Web, search for at least three tools to automate risk assessment. Collect information on automated risk assessment tools. What do they cost? What features do they provide? What are the advantages and disadvantages of each one? book Third edition : Management of information security Michael E.Whitman,Herbert J. Mattord...
View Full Document
- Spring '11