IT Security Policy - Risk Management

12345678
Across
  1. 2. Organization's willingness to accept risk
  2. 3. identifies applicable regulatory requirements regarding information security
  3. 5. Used to evaluate and document process maturity for a given area
  4. 6. risk mitigation strategy designed to reduce/eliminate threat
  5. 8. Level of risk after security measures are applied
Down
  1. 1. Systematic evidence based evaluation
  2. 4. Process of managing, directing, controlling and influencing organizational decisions, actions and behaviours
  3. 5. Provides expert leadership
  4. 6. Risk assessment methodology
  5. 7. Assigning risk