Risk Assessment Tools
Some security risk assessment tools and methods that organizations may use to help assess and illustrate risks are shown in the list below.
- Tables to illustrate the combined effects of probabilities with impacts.
- Questionaires to ask business and technical staff about processes, operations, and possible threats.
- Checklists to verify compliance with policies and standards.
- Analysis and brainstorming about "what if" scenarios by business and technical staff. Include equipment failures, environmental problems, human errors, and other scenarios.
- Standard report formats.
- Software to help automate the process.
- Lists of threats and controls.