risk analysis (RA)
Risk analysis works with methodical procedures and deals with the detection and evaluation of hazards and threats to which the information systems are exposed.
Risk analysis investigates human and technical vulnerabilities in order to analyze the damage events and reduce their frequency and duration. The methodological procedures are supported by quantitative determinations of failure and hazard probabilities.
In addition to the analytical assessment of risk and estimation of the probability of future hazards, risk analysis is concerned with the consequences and costs resulting from IT systemdowntime and possible data loss.
The results of the risk analysis are incorporated into the security-related developments of the IT systems and risk management.