• jt

How to Compile a Security Risk Assessment?


SRA and ISO31000

There are many ways to conduct a Security Risk Assessment (SRA). The graphics below are adapted from the ISO31000:2018 Risk Management Standard to give some additional guidance and a slightly different approach.





This graphic illustrates one example of how to consider threat and criticality in the context of a security risk assessment. It is similar to the process used in SECTARA, where you will also find several articles on security risk management and assessment.

