The risk assessment report should include:

  • Scope of the assessment (based on system characterization)
  • Methodology used
  • Observations
  • Estimation of overall risk to the system

This report sets the stage for using security controls to mitigate risk. The report should be incorporated into the Site Security Plan.

put it in the book

put it in the book

Leave a Reply

You must be logged in to post a comment.