risk management program
Scada
On page 24 of the Generic SCADA Risk Management Framework, there is an example of a threat /risk assessment which is part of a risk management program. Using one of your previous case-study incidences (each student has a choice to select which incident to write about) please create a threat matrix (See example belowe). Your assessment must include what you feel is the threat to the incident you selected with the following columns:
Asset ID: (select at minimum 4 asset ID’s, for example, People, Process and Software (which become your rows), Vulnerability, Consequence (your rating), Likelihood and Treatment (Mitigation).
Example Matrix:
Asset ID Vulnerability Consequence Likelihood treatment
People
Software
Process
Your matrix must be filled out so that a risk assessment/mitigation strategy for identified asset is clearly stated with relevant information.
Leave a Reply
Want to join the discussion?Feel free to contribute!