Home Page Asset Identification Operational Controls Management Controls Technical Controls
Risk Management includes establishing and/or evaluating current and proposed security controls for asset protection and how well they identify or protect against threats, vulnerabilities, and likelihood of loss - both known and surmised. 

Most organizations realize the importance of risk management and related risk assessments; however, they quickly discover that the task is more involved than anticipated.  Consequently, efforts are often terminated due to the lack of funds or commitment.   Our EAP, which contains user-friendly Common Office Environment (COE) tools and techniques, is designed to help establish a comprehensive risk management program that will curtail the probability of loss and/or its impact.

Implementation and Use - Go to the section on Logistics, Storage, & Flexibility to review procedures on developing and maintaining security assessment reports.  We provided a sample assessment folder populated with selected documents as an example.  The following link contains examples of security controls and how they may be implemented:  Sample Security Controls.

How to Conduct a Risk Assessment as per NIST SP 800-30