Security Risk assessment

I. Preliminary Planning

II. Asset Identification

  • Conduct a walkthrough of the property.
  • List all buildings and their purposes.
  • Catalog furniture and fixtures in common areas.
  • Include equipment used in operations (kitchens, laundry).
  • Review all software applications in use.
  • Compile a list of databases and their contents.
  • Identify guest information storage locations.
  • Document access controls for each digital asset.
  • Estimate replacement costs for physical assets.
  • Assess the market value of critical equipment.
  • Calculate potential revenue loss from digital assets.
  • Prioritize assets based on financial and operational value.
  • Evaluate how each asset contributes to services.
  • Determine dependencies between physical and digital assets.
  • Identify key assets vital for business continuity.
  • Engage staff for insights on asset functionality.

III. Threat Identification

IV. Vulnerability Assessment

V. Risk Analysis

VI. Mitigation Strategies

VII. Review and Update

VIII. Final Reporting

Related Checklists