From the course: Security for the SMB: Implementing the NIST Cybersecurity Framework

Assessments and audits

- [Instructor] A way to proactively detect real or potential security issues is to perform an assessment or audit. This allows business leaders to best prioritize activities to address risks facing their organization. There are four main types of security assessments that can detect computer problems: risk assessments, vulnerability assessments, penetration testing, and compliance audits. A risk assessment is a holistic approach for identifying and categorizing organizational risks based upon the likelihood of their occurrence and the expected impact they will have on the organization's operations. This is then weighed against costs of remediation. A risk assessment is more comprehensive than a vulnerability assessment or penetration test. A risk assessment report contains the evaluation of threats and vulnerabilities that may impact your organization. In this special publication, 800-30 provides a step-by-step process for…
