With the scope already defined, a risk assessment can effectively occur to examine the frequency and impact of various threats to the organization. It will also mean a closer look at how mitigating controls are preventing any existing risks. This phase will take you through the following activities:

  • Defining frequency and impact for the company.
  • Identifying risks using STRIDE.
  • Determining risk actions currently being taken.
  • Mapping existing security countermeasures to the risks.
  • Review final results of the risk assessment.

Use this phase as part of the full blueprint, Develop and Conduct Threat and Risk Assessments.

Also In

Develop and Conduct Threat and Risk Assessments

If you don’t assess risk, you’re accepting it.

Related Content

Social

Get Access

Get Instant Access
To unlock the full content, please fill out our simple form and receive instant access.