Risk analysis related to information security and infrastructure Research Paper

Risk analysis related to information security and infrastructure protection - Research Paper Example ectives and goals of performing a risk analysis on infrastructure and security protection, the target audience for whom a risk analysis is performed, the steps necessary for performing a risk analysis including assessment and evaluation, threats and cost-effective security measures, the types of securities to be included in a risk analysis for recommendation purposes, and how to mitigate a security threat and address it accordingly. Risk analysis on infrastructure and security is can be performed at various levels and many degrees of detail. Risk analysis reports can cover every business aspect. Risk analysis may be performed by both big and small organizations, and even individuals. Informal decision making follows not a comprehensive step of an elaborate risk analyses. There is no clear standard in making decision on where to draw the line on depth of analysis of risk. The process of risk analysis illustrates that there is no particular, one solution to security, and therefore the required attempts and efforts to have all risks eliminated would overwhelm organizations. However, all identified relevant factors to an organization needs to be weighed in order to have a particular acceptable risk level that can be matched to the strategy of risk management. Risk analysis hence involves anticipating the most probable outcome and allocating the resources available in order to address that outcome (Hollinger, 1997). The objectives and goals of performing a risk analysis on infrastructure and security protection are to identify and determine threats to infrastructure and security, and to provide recommendations that address the identified threats. Another goal and objective may be to protect individual components such as hardware, software, and other connected devices. Although it may be easy to replace a hard drive, the information content may be irreplaceable and therefore loss may be a catastrophe to an organization. The target audience for whom a risk analysis is