risk analysis

Risk analysis is the process of defining and analyzing the dangers to individuals, businesses and government agencies posed by potential natural and human-caused adverse events. In IT, a risk analysis report can be used to align technology-related objectives with a company's business objectives. A risk analysis report can be either quantitative or qualitative.

In quantitative risk analysis, an attempt is made to numerically determine the probabilities of various adverse events and the likely extent of the losses if a particular event takes place.

Qualitative risk analysis, which is used more often, does not involve numerical probabilities or predictions of loss. Instead, the qualitative method involves defining the various threats, determining the extent of vulnerabilities and devising countermeasures should an attack occur.

Read more about risk analysis: - Shon Harris' Risk Management Guide explains how to conduct a risk analysis. - The Society for Risk Analysis provides an open forum for people interested in risk analysis. - The Harvard Center for Risk Analysis is devoted to the use of decision sciences to promote public health and welfare.

Do you have something to add to this definition? Let us know. Send your comments to techterms@whatis.com

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Database patch denial: How 'critical' are Oracle's CPUs? A recent survey found that a considerable number of users are outright rejecting Oracle's Critical Patch Updates. Is attack code valuable for vulnerabilities or just a publicity stunt? If a security company has developed attack code for a particular vulnerability, there will always be critics that cry "PR stunt." Expert Michael Cobb... Will the features of Windows Vista SP1 encourage wider adoption of the OS? Platform security expert Michael Cobb explains the benefits and drawbacks of Windows Vista Service Pack 1.

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary gray hat  (SearchSecurity.com) vulnerability analysis  (SearchSecurity.com) Vulnerability analysis, also known as vulnerability assessment, is a process that defines, identifies, and classifies the security holes...