Risk Assessment

Risk Assessment Guide

What is it?

The Risk Assessment Guide is used to analyze vulnerabilities, potential threats and risks for an organization, and the organization’s IT systems.

This guide is based on controls found in the NIST Special Publication 800-53, the Shared Assessments Program Agreed Upon Principles, ISO 27001 and other highly regarded industry standards. This guide is meant to trigger a thought process to identify vulnerabilities and risks particular to your organization and is not meant to be a comprehensive list of potential risks.