Assessment of Protection Needs
The assessment fixes the protection requirements, the protection requirements of business processes, information processes and computer components. To do so, all possible damages are considered that might occur in case of an impairment of the internet security, confidentiality, integrity or availability. A key point is the realistic assessment of possible consequential damages. The classification into three categories – normal, high and very high – proved useful.