Threat Risk Assessment Template
A risk assessment is the foundation of a comprehensive information systems security program. It is the process of identifying, analyzing, and reporting the risks associated with an IT system’s potential vulnerabilities and threats.
Good business practices require all “major systems/applications” to undergo formal risk assessment reviews as part of their certification process. Risk assessments must be performed for each major system/application or when there is a major change in the system’s technical environment.