Risk Analysis is one of the first steps to do when we want to create:
- An ISMS (Information Security Management System)
- An BCMS (Business Continuity Management System)
- An BIA (Business Impact Analysis)
- A PIA (Private Impact Analysis)
- A Project
In the moment of doing a risk analysis, we are in the first step of a PDCA process (Plan – do – check – act, also called Deming circle) so it is very important to do a good analysis. All the other processes depends on our first analysis.
I created 2 presentations about Risk Analysis & Risk Management; this is the first of these 2 documents.
This presentation incluse all these topics:
1. Risk Analysis: General Principles
2. ISO 31000: 2009
3. Risk Analysis: Elements and their relationships
4. Risk Analysis: MAGERIT Methodology v.3
5. Risk Analysis: Development of the phases
You can see my presentation here (in Spanish):