CONTROL AND ACCOUNTING INFORMATION SYSTEMS. Chapter 6. Review and New Terms. A threat is any potential adverse occurrence or unwanted event that could injure the AIS or the organization. The exposure is the potential dollar loss that would occur if the threat becomes a reality.
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Risk & ControlComponents
Identify the events or threats
that confront the company
Estimate the likelihood or
probability of each event occurring
Estimate the impact of potential
loss from each threat
Identify set of controls to
guard against threat
Estimate costs and benefits
from instituting controls
Avoid, share, or accept risk
Reduce risk by implementing set of
controls to guard against threat