Managing EC Security Security Risk Management security risk management A systematic process for determining the likelihood of various security attacks and for identifying the actions needed to prevent or mitigate those attacks Security risk management consists of three phases Asset identification Risk assessment Implementation Electronic Commerce Prentice Hall 2006Electronic Commerce Prentice Hall © 2006 21 Managing EC Security • Security Risk Management security risk management A systematic process for determining the likelihood of various security attacks and for identifying the actions needed to prevent or mitigate those attacks – Security risk management consists of three phases: • Asset identification • Risk assessment • Implementation