top of page
  • jt

SRA Methodology

This methodology has minor adaptations from ‘FIGURE 11.3 Expansion of AS/NZS 4360:2004 Risk Management Process for Security Risk Management’ in SRMBOK (2009) to reflect the updates to ISO31000:2018.


Individual elements are described in more detail in the SRM-AM under Threat Assessment, Vulnerability Analysis, Criticality Assessment and Risk Treatments.


This model is not necessarily the best or only model. Nor does it need to be followed in a step by step process. It is designed purely to illustrate the relationships of various elements of security risk assessment to each other and provide a level of integration with models such as CARVER, ISO31000 Process, and Hierarchy of Controls in a single diagram.







1,031 views1 comment

Recent Posts

See All

1 hozzászólás


<A HREF="http://bing.com/">Shankar</A>

Kedvelés
bottom of page