Security Policy: Difference between revisions
Jump to navigation
Jump to search
| Line 107: | Line 107: | ||
::(a) assess the potential consequences that would result if the risks identified in [[Security_Policy#Information_security_risk_assessment|3.1.2]].3 (a) were to materialize; | ::(a) assess the potential consequences that would result if the risks identified in [[Security_Policy#Information_security_risk_assessment|3.1.2]].3 (a) were to materialize; | ||
::(b) assess the realistic likelihood of the occurrence of the risks identified in [[Security_Policy#Information_security_risk_assessment|3.1.2]].3 (a); and | ::(b) assess the realistic likelihood of the occurrence of the risks identified in [[Security_Policy#Information_security_risk_assessment|3.1.2]].3 (a); and | ||
::(c)determine the levels of risk; | ::(c) determine the levels of risk; | ||
:5. Evaluates the information security risks: | :5. Evaluates the information security risks: | ||
::(a) compare the results of risk analysis with the risk criteria established in [[Security_Policy#Information_security_risk_assessment|3.1.2]].1; and | ::(a) compare the results of risk analysis with the risk criteria established in [[Security_Policy#Information_security_risk_assessment|3.1.2]].1; and | ||