Risk Analysis Life Cycle

1. Identify the Risk: Determine your assets and identify threats that are likely to attack those assets.
2. Assess the Risks: Determine the asset value. Produce a risk matrix to determine which risk is greater given the company’s environment. 
3. Develop Risk Management Plan: Set-up policies, procedures, and backup recovery plans. 
4. Implement Risk Management Actions: Put your policies and procedures in writing, do training and awareness with other employees. 
5. Re-evaluate the Risks: Every 6-months review your risks and policies and make sure they are still relevant. Determine what risk is most likely to still be compromised.