Over the past few years, there has been a rapid development of Global IT infrastructures, which has fundamentally shifted the way information is managed today. In this dynamic environment, new dependencies and new risks are born. Information is a valuable business asset and organizations must make sure that information remains available and trustworthy yet protected from intrusion.
Today, organizations need to realize that in order to protect their information assets in an effective and efficient way they must understand what are the risks associated with the use of their information systems. In this context, a risk assessment methodology represents a valuable tool which can be used by modern organizations to assist them firstly to identify and rate the risks associated with the use of their information systems and secondly to take the appropriate measures to protect their information systems. The purpose of this paper is to address the issue of risks with respect to information security.