Identifying Assets and Activities to Be Protected |
CHAPTER |
AN IMPORTANT FIRST STEP IN RISK MANAGEMENT is identifying valuable assets in the organization. Organizations have a wide variety of assets that need to be protected, which include obvious assets, such as hardware and software; data and personnel; and system functions and processes.
After the organization has identified the important assets, it can take steps to protect them. A business impact analysis helps it identify the impact if one of its services fails, and a disaster recovery plan helps it identify the steps needed to restore a failed system. On a larger scale, the organization can use a business continuity plan to help ensure that mission-critical systems continue to operate even after a disaster.
This chapter covers the following topics and concepts:
When you complete this chapter, you will be able to: