Relationship Between Risk Analysis, Risk Assessment, And Risk Management (SP 800-30)

In this video we discussed the relationship between Risk Analysis, Risk Assessment, and Risk Management as it relates to cybersecurity leveraging the NIST SP 800-30.

***Risk Analysis***: This is the practice of brainstorming and listing all the possible Threat Events that can occur within a system or a process.

***Risk Assessment***: This is the process of determining the likelihood of these risk factors occurring and their Impact to an organization and putting them in a report.
(This is all about measuring and prioritizing risks so that risk levels are management within defined tolerance thresholds without being overcontrolled or forgoing desirable opportunities).

***Risk Management***: This is the process of making and carrying out decisions that will minimize the adverse effects of risk on an organization. (The results of the risk assessment process then serve as the primary input to risk responses whereby response options are examined (accept, reduce, Transfer, or avoid), cost-benefit analyses performed, a response strategy formulated, and risk response plans developed.)


*****See my Patreon page for access to the Risk Assessment Template used in the video*********


The free way to help the channel grow is by subscribing using the link below:
https://www.youtube.com/c/KamilSec?su...


************Patreon & Channel Support******************
https://www.patreon.com/kamilSec?fan_...


*******Order your KamilSec (KS) Designs Merch:*********

https://kamilsec.creator-spring.com/

**************************************************************



Buy me a coffee if you appreciate my work
https://buymeacoffee.com/kamilsec


CashApp: $Kamilzak
Zelle: [email protected]
Paypal: https://paypal.me/MZakari

Thank You!!!
*************************************************************



Connect with me on Social Media:
Twitter:   / kamilzak_1​  
Instagram: @Kamilzak1