Security Risk assessment are the activities undergoing in an organisation for identifying and understanding the risks to system and data. There are different stages of risk assessment which should be performed when a new system is developed throughout its development life cycle.
Preliminary Risk Assessment
This stage of risk assessment is needed as it identifies the generic risks which are applicable to system and also helps in deciding how to achieve an adequate level of security at a reasonable cost.
Design Risk Assessment
This stage of risk assessment helps in identifying potential and known vulnerabilities which further helps in deciding functionality of system and how to implement, test and deploy.