Use this template to document the exact process your organization uses when conducting a threat and risk assessment. The template will help you document:

  • When to conduct a threat and risk assessment.
  • The scope of the assessment.
  • What criteria is used to evaluate risk.
  • How assessment results can be evaluated.

Formalize your threat and risk assessment process to know exactly what steps need to be followed when performing this risk analysis.

Also In

Reduce and Manage Your Organization’s Insider Threat Risk

Insider threats are not always malicious, but that doesn’t mean they won’t cause damage.

Also In

Combine Security Risk Management Components Into One Program

With great risk management comes a great security program.

Related Content


  • Missing comment
    Eric Danso | 11-02-2020

    Suggest updating framework by which Risk is measured --- I have yet to see STRIDE used -- in 20+ yrs in Security.

  • 2aba1a52a466f24e3a0747e36dbad24e comment
    Aaron Shum | 11-03-2020

    Hi Eric, thank you for your feedback. We are aware of the limitations of STRIDE and does intend to update our content to include more commonly used threat models. We have an in-flight project updating our threat modeling research and should have an updated framework by early next year. If you would be willing to contribute our research, I'll be happy to setup an interview via our researching analyst.


Get Access

Get Instant Access
To unlock the full content, please fill out our simple form and receive instant access.
Visit our COVID-19 Resource Center and our Cost Management Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019