C2 Assessment of the risk severity for each threat
• A risk is a threat that could result in some form of loss at some point in time.
• Risk severity = probability of the threat occurring × expected impact level/value of the loss.
• Measures for risk severity include:
o risk severity = low, medium, high and extreme
o probability of the threat occurring = unlikely (approximately every year), likely (approximately every week or month) and very likely (approximately once or more a day)
o impact level/value of the loss = minor, moderate and major.
• Be able to use the following risk severity matrix:
• Risk assessment approach:
o risk assessments are carried out during system design (review) and at regular intervals during operation (audit) and following a security breach, as threats are constant and ever changing
o a risk assessment method:
– identify possible threats and assess the probability of different threats occurring
– assess the vulnerabilities of a computer-networked system to specific threats
– assess the impact level/value of the potential loss
– determine the risk severity (low, medium, high and extreme).
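The four-step method above, worked through as an added example (not part of the original specification) on a constructed threat register. Assumptions: the 1-3 ordinal scores, the frequency cut-offs of 12 and 365 events per year, the use of a success rate to represent vulnerability, and the score bands for low/medium/high/extreme, since the severity matrix itself is not reproduced on this page.

```python
from dataclasses import dataclass

# Ordinal scores for the page's categories (the 1-3 scale is an assumption).
PROBABILITY = {"unlikely": 1, "likely": 2, "very likely": 3}
IMPACT = {"minor": 1, "moderate": 2, "major": 3}

@dataclass
class Threat:
    name: str
    attempts_per_year: float  # step 1: how often the threat arises
    success_rate: float       # step 2: vulnerability, 0.0 (immune) to 1.0
    impact: str               # step 3: minor, moderate or major

def probability_of(threat: Threat) -> str:
    """Combine steps 1 and 2 into the page's probability categories."""
    events = threat.attempts_per_year * threat.success_rate
    if events >= 365:   # approximately once or more a day
        return "very likely"
    if events >= 12:    # approximately every week or month
        return "likely"
    return "unlikely"   # approximately every year

def severity_of(probability: str, impact: str) -> str:
    """Step 4: probability x impact, banded (band edges are assumptions)."""
    score = PROBABILITY[probability] * IMPACT[impact]  # 1, 2, 3, 4, 6 or 9
    if score >= 9:
        return "extreme"
    if score >= 6:
        return "high"
    if score >= 3:
        return "medium"
    return "low"

def assess(threats):
    """Return (name, probability, impact, severity) rows, worst first."""
    rows = [(t.name, probability_of(t), t.impact,
             severity_of(probability_of(t), t.impact)) for t in threats]
    order = ["extreme", "high", "medium", "low"]
    return sorted(rows, key=lambda r: order.index(r[3]))

# Constructed sample register; every figure here is made up for illustration.
REGISTER = [
    Threat("Phishing email", 2000, 0.25, "moderate"),
    Threat("Ransomware via unpatched server", 50, 0.3, "major"),
    Threat("Flood in server room", 0.5, 1.0, "major"),
    Threat("Lost visitor badge", 20, 1.0, "minor"),
    Threat("DoS on public web server", 400, 1.0, "major"),
]

if __name__ == "__main__":
    for row in assess(REGISTER):
        print("{:<34}{:<13}{:<10}{}".format(*row))
```

Re-running the assessment after a control is added (for example, lowering `success_rate` once a server is patched) shows how the same threat moves to a lower severity band.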
Links to Learning Outcomes | Links to Assessment criteria | |
---|---|---|
Anonymous Assessment - Learners assess an anonymous piece of work containing deliberate mistakes against given success criteria.