Use this template to document the exact process your organization uses when conducting a threat and risk assessment. The template will help you document:

  • When to conduct a threat and risk assessment.
  • The scope of the assessment.
  • What criteria is used to evaluate risk.
  • How assessment results can be evaluated.

Formalize your threat and risk assessment process to know exactly what steps need to be followed when performing this risk analysis.

Also In

Reduce and Manage Your Organization’s Insider Threat Risk

Insider threats are not always malicious, but that doesn’t mean they won’t cause damage.

Also In

Combine Security Risk Management Components Into One Program

With great risk management comes a great security program.

Related Content

Hide Details

Search Code: 83298
Published: March 1, 2017
Last Revised: March 22, 2019

Tags:

risk management, risk analysis, Risk assessment, threat assessment, STRIDE, risk acceptance, risk tolerance, project risk, initiative risk, risk audit

2 Comments

  • Missing comment
    Eric Danso | 11-02-2020

    Suggest updating framework by which Risk is measured --- I have yet to see STRIDE used -- in 20+ yrs in Security.

  • 2aba1a52a466f24e3a0747e36dbad24e comment
    Aaron Shum | 11-03-2020

    Hi Eric, thank you for your feedback. We are aware of the limitations of STRIDE and does intend to update our content to include more commonly used threat models. We have an in-flight project updating our threat modeling research and should have an updated framework by early next year. If you would be willing to contribute our research, I'll be happy to setup an interview via our researching analyst.

Social

Get Access

Get Instant Access
To unlock the full content, please fill out our simple form and receive instant access.
Visit our COVID-19 Resource Center and our Cost Management Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019