In the Scope and Basic Criteria field you will enter the defined Scope for your Assessment along with the Basic Criteria that you have given yourself. The Scope will define all the aspects that you will take into account when doing your Assessment. The Basic Criteria will state how much Risk you are willing to accept i.e. the minimum level of Risk. See the following text for an example of “Scope and Basic Criteria” RM Studio contains a database of Threats. If you want to create a new Threat at this point, then you must first save and close the current Assessment before creating a “New Threat” in the Threat module of RM Studio. Each Threat must be examined. If you do not agree that a Threat is imminent, you can delete it by highlighting the Threat. Enter information in the Description window to support the Assessment. The values registered for the properties of the Threat are used for calculating the Security Risk. In the Standard Evaluation Template the properties are: Impact, Probability and Vulnerability. The values for each of the properties can be defined as Immense, Very High, High, Medium or Low. The definitions of the terms can be found in the Definitions of Threat Properties. The properties and their values can be adjusted as needed via the Evaluation Templates. IMPACT OF THREAT The Impact of Threat property assesses how serious the consequences are should the Threat occur. PROBABILITY OF THREAT The Probability of Threat property dictates how likely a Threat is to occur. VULNERABILITY OF ASSET The Vulnerability of Asset property evaluates how vulnerable the Asset is to the Threat. RM Studio provides powerful trace-ability capabilities, with a complete version history on Risk Assessments. Users can now call up a version history for any Assessment and view previous versions as a whole or dig down into the individual building blocks of the Assessment, such as Assets and Risks. The version history will be applied to other elements of RM Studio and made even more powerful in our future releases. If you right-click on a Risk Assessment, an Asset in Assessment, or a Risk, you can choose History from the context menu. This will bring up the Item History window (1). This window shows the entire history for this particular item. You will see the ID of the Change-set associated with the history entry, the action taken, who performed the action and when. If you then right click on any entry in the Item History window, you can choose “View Item”, “Change-set details”, and if you are viewing the item history for an Assessment, you can choose “View Assessment version”. 6.1.6.Various Definitions
Scope and Basic Criteria
Relationship Between Assets and Threats
Evaluation Values
History
Item History