Risk assessment is the determination of a quantitative or qualitative estimate of risk related to a well-defined situation and a recognized threat or hazard.

The RM Studio Risk Assessment was designed for ISO/IEC 27001:2022 and is based on ISO/IEC 27005:2022 Information technology — Security techniques — Information security risk management (second edition). Over the years, its development has also incorporated elements of ISO 31000:2018, as well as a small influence from a few other standards. Currently the risk assessment methodology follows and fully complies with ISO/IEC 27001:2022 (clause 6.1.2).

In RM Studio the risk assessment and management follows a five-step process:

The RM Studio Risk Assessment (RA) is built from the data entry items in the Common section of the Navigation bar. The Business Entities, Contacts, Assets, and Threats are compiled together to form the desired risk assessment. It is very important to remember that the initial setup and the scope of the RA should be well thought out before beginning the RA.

To open the Risk Assessment, simply double-click it in the Nav tree. The Risk Assessment opens in the work space. If you are using a new database for the first time, the list will be empty. If you are re-opening the Risk Assessment in a database that has previous RAs, you will see the list of RAs. The focus will jump to the most recent RA you have created.

6.Risk Assessment
Risk Assessment relationship visualisation