Microsoft proposes six steps to enable proper reactive management of security risks which include: protecting safety and life, containing and assessing the damage, determining the cause of and repairing damage, reviewing risk response and updating procedures in the hopes of preventing risk in the future (Microsoft, 2004).

A proactive approach is much more advantageous however as it enables corporations to prevent threats or minimize risks before negative occurrences happen within an organization. A proactive approach requires that organizations first identify what assets they have that need protecting, then determine what damage an attack could have on assets in question, next identify any vulnerabilities that could occur within current securities and finally decide on procedures to minimize the risk of threats and attacks by implementing proper risk management controls and procedures (Microsoft, 2004). In this sense risk management is much like risk "assessment' which allows organization to place value on assets...
[ View Full Essay]