The process of identifying potential threats to an organization's information systems and assessing the likelihood and impact of each threat.
The process of identifying potential threats to an organization's information systems and assessing the likelihood and impact of each threat.