The main objective of the information system security assessment is to identify areas which need improvements. The secondary objective is to familiarize IT personnel and users with identified vulnerabilities and how to adequately protect the information during daily operations.
