The credit union information security risk assessment

by: Robin Remines

I’m not a gamer but I live with two. And on any occasion that I happen to pass by their consoles I can be assured I’ll see two meticulously outfitted warriors ready to fend off whatever WOW (World of Warcraft) threat is imminent.  In most cases, my crew is successful due to preparedness and a clear understanding of the risks.

Now I realize that credit union Information Security Risk Assessment preparation isn’t nearly as exciting but with the right preparation and tools, you CAN make it impactful (and yea, sneak in a bit of warrior skills as well).  The FFIEC IT Handbook provides a sound basis for performing the work.

What is an information security risk assessment?

The Information security risk assessment is the process used to identify and understand risks to the confidentiality, integrity, and availability of information and information systems. In its simplest form, a risk assessment consists of the identification and valuation of assets and an analysis of those assets in relation to potential threats and vulnerabilities, resulting in a ranking of risks to mitigate. The resulting information should be used to develop strategies to mitigate those risks.

continue reading »