Which of the following is the first MOST step in the risk assessment process?
Answer options:
A. Identification of assets
B. Identification of threats
C. Identification of threat sources
D. Identification of vulnerabilities
Answer correct:
A
Asset identification is the most crucial and first step in the risk assessment process. Risk identification, assessment and evaluation (analysis) should always be clearly aligned to assets. Assets can be people, processes, infrastructure, information or applications.