Risk")
- List the corporate requirements (i.e., standards, laws) associated with the company. Briefly explain the impact of non-compliance.
- Develop categories and a classification method for company information systems. List at least eight categories for various people, processes, hardware, software, and data applicable to the company. Describe the data/system classification scheme as well as the reasons for selecting it.
Part 2: Identify Risk ("Where is the Risk to My Information Assets") - List a minimum of 20 assets (data, systems, people, processes, etc.) and measure their value to the company (Low, Moderate, High, Critical) in a simple table.
- In one column, identify assets that can impact company compliance, customer satisfaction, competitive advantage, or business productivity (i.e., Business Impact Analysis).