• jt

How to Compile a Security Risk Assessment?


SRA and ISO 31000

There are many ways to conduct a Security Risk Assessment (SRA). The graphics below are adapted from the ISO 31000:2018 Risk Management Standard to give some additional guidance and a slightly different approach.





This graphic illustrates one example of how to consider threat and criticality in the context of a security risk assessment. It is similar to the process used in SECTARA, where you will also find several articles on security risk management and assessment.



©2019 by Julian Talbot