Hierarchical protection is to divide the information system into different levels according to its importance and certain standards, and give different levels of security protection requirements to ensure the security and stability of the information system.
Risk assessment refers to identifying risks in information systems through comprehensive and systematic assessment and analysis of possible threats and risks in information systems, and then taking corresponding security measures to reduce the occurrence and impact of risks. The purpose of risk assessment is to better understand the security situation of information systems, so as to effectively prevent and respond to possible security incidents.