Risk Taxonomy
Getting to know Risk Taxonomy
Introducing Risk Taxonomy
Risk Taxonomy is a facility for defining a comprehensive, stable and reusable set of risk categories that can be applied universally across the system. This includes definitions of Threats, Loss Type, Contact Frequency, Loss Magnitude, Risks and more. It is based on the Open Group Standard for Risk Taxonomy (O-RT) and provides Toolbox pages and diagrams for defining the Taxonomy.
Where to find the Taxonomy
Ribbon: Design > Diagram > Add Diagram > Risk Taxonomy > Risk Taxonomy
Browser window Toolbar: New Diagram icon > Risk Taxonomy > Risk Taxonomy
Browser window context menu | Add Diagram... > Risk Taxonomy > Risk Taxonomy
Usage of Risk Taxonomy
Risk Taxonomy provides a common language and references for Security Analysts and Business Analysts who need to understand and analyze risk in a formal way. It allows Analysts to estimate the probable likelihood, frequency and magnitude of future loss.
Options for Risk Taxonomy
Risk Taxonomy can be used at varying levels of formality depending on the initiatives, processes and requirements for risk assessment. The Relationship Matrix can also be used to record the relationships between the discrete values of Threat Capability and Resistance (Control) Strength, to determine the derived Vulnerability. Toolbox pages of elements and relationships are available for the Risk Taxonomy diagram, allowing sophisticated models of risk to be created.
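The Threat Capability and Resistance Strength matrix described above can be sanity-checked outside the tool. The following is an added example, not part of the product or its documentation; the five-level scale (VL to VH), the offset rule used to fill the reference matrix, and all function names are assumptions made for illustration.

```python
# Added example: the ordinal scale and the offset rule are assumptions, not taken from the page.
LEVELS = ["VL", "L", "M", "H", "VH"]  # Very Low .. Very High

def derive_vulnerability(tcap, rs):
    """Derive Vulnerability from Threat Capability and Resistance Strength.

    Assumed rule: equal TCap and RS gives M; each level of TCap above RS
    raises Vulnerability one level, each level below lowers it, clamped.
    """
    idx = 2 + LEVELS.index(tcap) - LEVELS.index(rs)
    return LEVELS[max(0, min(len(LEVELS) - 1, idx))]

def build_matrix():
    """Return {(tcap, rs): vulnerability} for every pair of levels."""
    return {(t, r): derive_vulnerability(t, r) for t in LEVELS for r in LEVELS}

def find_inconsistencies(matrix):
    """Flag cells of a hand-recorded matrix that break monotonicity:
    Vulnerability must not fall as TCap rises, nor rise as RS rises."""
    rank = LEVELS.index
    problems = []
    for i, t in enumerate(LEVELS):
        for j, r in enumerate(LEVELS):
            v = rank(matrix[(t, r)])
            if i + 1 < len(LEVELS) and rank(matrix[(LEVELS[i + 1], r)]) < v:
                problems.append(((t, r), "falls as TCap rises"))
            if j + 1 < len(LEVELS) and rank(matrix[(t, LEVELS[j + 1])]) > v:
                problems.append(((t, r), "rises as RS rises"))
    return problems

def render(matrix):
    """Text grid: rows are TCap (high to low), columns are RS (low to high)."""
    lines = ["TCap\\RS " + " ".join(f"{r:>3}" for r in LEVELS)]
    for t in reversed(LEVELS):
        lines.append(f"{t:>7} " + " ".join(f"{matrix[(t, r)]:>3}" for r in LEVELS))
    return "\n".join(lines)

if __name__ == "__main__":
    reference = build_matrix()
    print(render(reference))
    # Constructed data-entry slip: one cell recorded as VL instead of H.
    recorded = dict(reference)
    recorded[("H", "M")] = "VL"
    for cell, why in find_inconsistencies(recorded):
        print("check cell", cell, "-", why)
```

A flagged cell marks a pair of adjacent entries that disagree, so the slip is either in that cell or in its neighbour along the named axis.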
Learn more about Risk Taxonomy