Assessing Risk: Difference between revisions
From Cramsession
Jump to navigationJump to search
✍️ Verified Author: Mflavell • Click to view professional profile & credentials
| Line 43: | Line 43: | ||
* Theoretical - No proven path at this time to exploit the venerability. | * Theoretical - No proven path at this time to exploit the venerability. | ||
The numbers in this matrix will ultimately adjusted to an organizations tolerance to each factor of the CIA triad. | |||
Revision as of 23:31, 16 May 2025
The risk Matrix
Provides a numerical assessment or risks posed by threats to the CIA triad.
| Impact ➡️
Likelihood ⬇️ |
Confidentiality | Integrity | Availability |
| high | 5 | 4 | 3 |
| Medium | 4 | 3 | 2 |
| Low | 3 | 2 | 1 |
| Theoretical | 2 | 1 | 0 |
Likelihoods:
- High - Easy, Well known exploit.
- Medium - Requires expert knowledge to implement, could be performed by state actor.
- Low - Requires insider knowledge to implement.
- Theoretical - No proven path at this time to exploit the venerability.
The numbers in this matrix will ultimately adjusted to an organizations tolerance to each factor of the CIA triad.
