Security Risk Assessment Standard (ASIS SRA-2024)
This standard replaces the ANSI/ASIS/RIMS RA.1-2015 Standard and the ASIS GSRA 2003 Guideline.
Every organization has assets (e.g., people, property, and information) it relies on to achieve its strategic goals and objectives. To ensure success, the organization must identify its assets and apply effective measures to safeguard them.
This revised standard provides guidance for conducting a security-specific risk assessment (SRA), which may include physical, non-physical, and logical risks. It provides a structured process to establish the context of the SRA, plan SRA activities, and conduct the SRA (i.e., risk identification, risk analysis, and risk evaluation). This standard also provides guidance on post-SRA activities and includes an example of information that may be incorporated into an SRA report.
ISBN | 978-1-951997-35-9 |
---|---|
Languages | English |