Risk management is the process of determining, measuring and minimizing the risk factors that can affect the profitability of an institution or organization primarily and the profitability of commercial enterprises. That is way risk management process is one of the most important elements playing the key role in the survival measures of institutions and organizations. The most important steps that make up the risk management process are the risk analysis and the risk assessment stages. By systematically doing risk analysis and risk assessment, institutions and organizations should evaluate the internal and external threats that can prevent the achievement of their goals and objectives and determine the measures to be taken. As a result of a systematic study, it is crucial for the institutions and organizations determining the risks to goal and objectives, analyzing the possible effects of risks and the probability of actualizing the risks at least once a year and determining the measures against risks and establishing action plans. In our work, by using L-Type Decision Matrix, a risk analysis and risk assessment will be made in the information systems of a medium-sized company operating in the information sector in Istanbul in accordance with the above-mentioned goals and objectives. In addition, we will try to determine the appropriate controls and measures to be taken against the possible threats with the risk analysis and risk assessment to be done on the information obtained by using various methods about the system and try to create an exemplary risk assessment report.
L-Type Decision Matrix, Risk, Risk Analysis, Risk Assessment, Risk Management Process