ABSTRACT
To understand the level of risk that exists within the operating environment, periodic risk assessments need to be performed. In distributed computing, nothing remains constant. Vulnerabilities, loopholes, and backdoors are being discovered all too frequently. In large operating environments with multiple platforms and hundreds of servers, ensuring that a single security hole is fixed can be costly and time-consuming. A program for understanding and managing risk is the topic of this chapter. This chapter reviews the areas for assessment and provides sample workplans for those reviews.
