Explain why risk management is an important component of an organization’s security program.
Explain the purpose of a risk management program. What are the four major components of a risk management program? Why is it a cycle? Why should a risk management program be continual in nature?
Describe the types of risk. Provide examples of each.
What is risk assessment? What is its role in risk management?
What is the purpose of a security survey? What are some key elements of these surveys?
How is an asset evaluated to determine its vulnerability, probability, and criticality of loss?
What are the four ways to mitigate risk? Provide examples of each.
What is a continuity plan? Provide an example.
What is a contingency plan? Provide an example.
Explain the three stages in a disaster-related contingency plan.