top of page

What are Threat Acts and Threat Tolerance?

Updated: Mar 11, 2020

Sources of risk vary depending on whether you are analyzing a strategic, operational, or tactical situation.

Developing a threat assessment is a specialized task and organizations that do not have access to commercial or government threat assessments should consider outsourcing their threat assessment to commercial sources or consultants to develop comprehensive and timely threat assessments.

Threat analysis methodology is not addressed in this article however a poorly-developed Threat Assessment reduces the overall credibility of the security risk assessment. The key issue is that a Threat Assessment (TA) is essential for decision-makers and security risk analysts to make informed decisions with a solid understanding of the threat environment.

Threat Acts

Threat Acts (Events) are unlimited in range, variety, and significance but can include the following.


  • Armed attack

  • Armed robbery

  • Arson

  • Assault

  • Improvised explosive device (IED) attack

  • Kidnap and ransom

  • Malicious damage

  • Non-violent protest

  • Theft

  • Trespass

  • Vehicular attack

  • Violent protest

  • Workplace violence


  • Commercial espionage

  • Compromise of electronic device

  • Creation and distribution of a virus

  • Cyberstalking

  • Disclosure of sensitive information

  • Distributed denial of service (DDOS) attack

  • Electronic audio surveillance

  • Electronic communications surveillance

  • Electronic interception

  • Fraud

  • Identity theft

  • Industrial espionage

  • Malware

  • Man-in-the-middle attack

  • Network penetration

  • Phishing

  • Ransomware

  • Social media campaign

  • Theft of intellectual property

They are listed here as physical or virtual attacks but it is important to recognize that many of them can fit into either.

Threat Tolerance

Organizations or individuals will have varying tolerances for risk and their ability to withstand threats will vary. This concept can be summarised as follows:

Example of a threat tolerance rating
Threat Tolerance Table

89 views0 comments

Recent Posts

See All


bottom of page