Finally, residual risk is important to calculate for determining the appropriate types of security controls and processes that get priority over time. Or they could opt to transfer the residual risk, for example, by purchasing insurance to offload the risk to an insurance company.Īnother reason residual risk consideration is important is for compliance and regulatory requirements - for example, International Organization for Standardization 27001 stipulates this risk calculation. This means that residual risk is something organizations might need to live with based on choices they've made regarding risk mitigation. Residual risk is important for several reasons. First to consider is that residual risk is the risk "left over" after security controls and process improvements have been applied. Residual risk is the risk that remains after efforts to identify and eliminate some or all types of risk have been made. What is residual risk and why is it important?
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |