Security Risk Assessment Standard (ASIS SRA-2024)
Every organization has assets (e.g., people, property, and information) it relies on to achieve their organizational strategic goals and objectives. To ensure success, the organization must ascertain their assets and apply effective measures to safeguard them.
This revised standard provides guidance for conducting a security-specific risk assessment, which may include physical, non-physical, and logical risks. It provides a structured process to establish the context of the SRA, plan SRA activities, and conduct the SRA (i.e., risk identification, risk analysis, and risk evaluation). This standard also provides guidance on post SRA activities and includes an example of information that may be incorporated into an SRA report.
Every organization has assets (e.g., people, property, and information) it relies on to achieve their organizational strategic goals and objectives. To ensure success, the organization must ascertain their assets and apply effective measures to safeguard them.
This revised standard provides guidance for conducting a security-specific risk assessment, which may include physical, non-physical, and logical risks. It provides a structured process to establish the context of the SRA, plan SRA activities, and conduct the SRA (i.e., risk identification, risk analysis, and risk evaluation). This standard also provides guidance on post SRA activities and includes an example of information that may be incorporated into an SRA report.
| ISBN | 978-1-951997-35-9 |
|---|
