What Does a Risk Assessor Do?
The risk assessor is a person who assesses the threats to the information assets, the existing weaknesses, the impacts, and the possibility of the risks caused by the combination of the three. As the basis of risk management, Risk Assessment is an important way for an organization to determine its information security needs, and belongs to the process of organization's information security management system planning.
Risk assessor
- 1.Familiar
- University degree or above, with engineer title or above
- 1. Strong ability of expression and understanding, and strong desire for knowledge;
- 2. Have good communication skills and a good sense of service;
- 3. Have entrepreneurial passion, strong enterprising spirit, persistent professionalism and strong sense of teamwork.
- There are several key issues to consider during the risk assessment process.
- First, what is the object (or asset) to be protected? What is its direct and indirect value?
- Second, what are the potential threats to assets? What is causing the threat? How likely is the threat?
- Third, where are weaknesses in assets that could be exploited by threats? How easy is it to use?
- Fourth, once a threat event occurs, what kind of loss or negative impact will the organization suffer? Finally, what security measures should the organization take to minimize the risk of losses?
- The process of solving the above problems is the process of risk assessment.