Identification of the assets to be protected is the first step in the development of a risk
Steps of Risk Assessment:
-First step is to identify the assets.
-Second step is to identify relevant risk (vulnerability/threat)
-Third step is to do impact analysis
-Fourth step is prioritize the risk on the basis of impact
-Fifth step is to evaluate controls.
-Sixth step is to apply appropriate controls.