Information Security

1

2

3

4

5

6

7

8

9

10

11

12

13

Threat Event

Threat Source

Threat Source Characteristics

Relevance

Likelihood of Attack Initiation

Vulnerabilities and Predisposing Conditions

Severity and Pervasiveness

Likelihood Initiated Attack Succeeds

Overall Likelihood

Level of Impact

Risk

Capability

Intent

Targeting

Risk 1

Choose a tier.

Describe the threat event from the case study.

Choose a type.

Describe the threat source from the case study.

Choose a qualitative value.

Or enter a quantitative value.

Choose a qualitative value.

Or enter a quantitative value.

Identify the vulnerability.

Choose a type of predisposing condition.

Severity

Choose a qualitative value.

Pervasiveness

Choose a qualitative value.

Choose a type.

Describe the potential impact to the organization in the case study.

Choose a qualitative value.

Risk 2

Choose a tier.

Describe the threat event from the case study.

Choose a type.

Describe the threat source from the case study.

Choose a qualitative value.

Or enter a quantitative value.

Choose a qualitative value.

Or enter a quantitative value.

Choose a qualitative value.

Or enter a quantitative value.

Choose a qualitative value.

Or enter a quantitative value.

Identify the vulnerability.

Choose a type of predisposing condition.

Severity

Choose a qualitative value.

Pervasiveness

Choose a qualitative value.

Choose a qualitative value.

Or enter a quantitative value.

Choose a qualitative value.

Choose a type.

Describe the potential impact to the organization in the case study.

Choose a qualitative value.

Choose a qualitative value.

Or enter a quantitative value.