Security Risk Assessment

The security risk assessment is the security work product that documents the results of assessing the security risks associated with an endeavor or center.

The typical objectives of a security assessment report are to:
- Document potentially threatened assets.
- Document potential threats to these assets.
- Document the likelihood of these threats being realized.
- Document the estimated costs of the associated losses.
The typical benefits of a security risk assessment are to:
- Force an organization to recognize significant threats and associated vulnerabilities.
- Enable an organization to take appropriate countermeasures.
- Support the disaster recovery and risk management activities.
- Minimize organizational risks due to security violations:
  - Loss of revenue through loss of service, loss of data, fraud, etc.
  - Loss of privacy of confidential data and communications.
  - Loss of credibility and reputation with customers, users, partners, shareholders, and other stakeholders.
- Ensure that each application, database, center, and network has an appropriate level of security.
The typical contents of a security risk assessment are:
- Threatened Assets and Their Value:
  - Communications
  - Data Components
  - Hardware Components
  - Software Components
  - Personnel
  - Facilities
  - Corporate Reputation and Brand
- Potential Threats:
  - Denial Of Service Attack
  - Fraud (violations of authorization)
  - Impersonation (violations of identification and/or authentication)
  - Privacy Violation (violations of data or communication confidentiality)
  - Repudiation (of a transaction)
  - Sabotage
  - Terrorism
  - Theft (of data, software components, or hardware components)
  - Unauthorized Copying (of data and software components)
  - Vandalism (unauthorized modification or destruction of data, software components, or hardware components)
  - Virus, Worms, Trojan Horses, etc.
- Vulnerabilities to Threats:
  - Communications (e.g., intercepted, modified, deleted, copied)
  - Data, hardware, and software components (e.g., copied, destroyed, modified, stolen, and/or viewed)
  - Data Media (e.g., copied, destroyed, stolen)
  - Facilities (e.g., buildings, furniture, air conditioning, electrical systems, fire suppression)
  - Personnel (e.g., injury, kidnapping, murder)
- Frequency/Probabilities of Threats
- Cost/Impact of Threats
- Prioritization of Threats
- Appendices:
  - Major Issues
  - TBDs
  - Assumptions
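The three quantitative sections listed above (Frequency/Probabilities of Threats, Cost/Impact of Threats, Prioritization of Threats) are where a risk assessment turns a catalogue of assets, threats and vulnerabilities into a ranked list. The following is an added worked example, not code from the original page or from any process framework's own material. It assumes the common quantitative convention, which the page does not state, that annualized loss expectancy (ALE) equals single loss expectancy (SLE) multiplied by annualized rate of occurrence (ARO), and it prioritizes threats by ALE; every asset, threat, vulnerability and cost value in the sample register is constructed for illustration.

```python
"""Quantitative core of a security risk assessment (added example).

Assumed convention (not stated on the page): ALE = SLE x ARO, where
  SLE = single loss expectancy, the cost of one realized threat, and
  ARO = annualized rate of occurrence, expected realizations per year.
Threats are prioritized by ALE so the costliest expected losses come first.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class ThreatEntry:
    """One row of the risk register: a threat against one threatened asset."""
    asset: str                       # the threatened asset
    asset_category: str              # asset category from the report's contents list
    threat: str                      # threat type from the report's contents list
    vulnerabilities: tuple[str, ...] # how the asset is exposed (e.g. copied, stolen)
    sle: float                       # single loss expectancy, in currency units
    aro: float                       # annualized rate of occurrence (per year)

    @property
    def ale(self) -> float:
        """Annualized loss expectancy, rounded to cents to keep sums exact."""
        return round(self.sle * self.aro, 2)


def prioritize(entries):
    """Prioritization of Threats: highest ALE first; ties broken by name for a stable report."""
    return sorted(entries, key=lambda e: (-e.ale, e.asset, e.threat))


def total_ale(entries):
    """Cost/Impact of Threats: total expected annual loss across the register."""
    return round(sum(e.ale for e in entries), 2)


def group_vulnerabilities_by_category(entries):
    """Vulnerabilities to Threats: asset category -> sorted list of exposures seen."""
    grouped = {}
    for e in entries:
        grouped.setdefault(e.asset_category, set()).update(e.vulnerabilities)
    return {category: sorted(v) for category, v in grouped.items()}


def countermeasure_worth(entry, residual_aro, annual_cost):
    """Net annual benefit of a countermeasure that lowers ARO to residual_aro.

    Positive means the ALE reduction exceeds the countermeasure's annual cost,
    which is the basis for choosing "appropriate countermeasures".
    """
    ale_after = round(entry.sle * residual_aro, 2)
    return round(entry.ale - ale_after - annual_cost, 2)


def report_lines(entries):
    """Render the Prioritization of Threats section as plain text lines."""
    lines = ["Prioritization of Threats (by annualized loss expectancy):"]
    for rank, e in enumerate(prioritize(entries), start=1):
        lines.append(f"{rank}. {e.threat} against {e.asset}: ALE {e.ale:,.2f}")
    lines.append(f"Total expected annual loss: {total_ale(entries):,.2f}")
    return lines


# Constructed sample register; all values are illustrative, not measured data.
SAMPLE_REGISTER = [
    ThreatEntry("customer database", "Data Components", "Privacy Violation",
                ("viewed", "copied"), sle=250_000, aro=0.2),
    ThreatEntry("order processing service", "Software Components", "Sabotage",
                ("modified", "destroyed"), sle=40_000, aro=0.5),
    ThreatEntry("backup tapes", "Data Media", "Theft",
                ("stolen", "copied"), sle=120_000, aro=0.1),
    ThreatEntry("server room", "Facilities", "Vandalism",
                ("destroyed",), sle=300_000, aro=0.05),
    ThreatEntry("partner API link", "Communications", "Impersonation",
                ("intercepted", "modified"), sle=80_000, aro=0.25),
]

if __name__ == "__main__":
    print("\n".join(report_lines(SAMPLE_REGISTER)))
    db = SAMPLE_REGISTER[0]
    # Hypothetical control: cuts the database's ARO from 0.2 to 0.05 for 20,000 a year.
    print("Net benefit of database control:", countermeasure_worth(db, 0.05, 20_000))
```

The register deliberately ties the two middle entries at the same ALE to show that the ordering rule must be explicit; a report whose ranking changes between runs is hard to review. The countermeasure calculation is the link from this work product to the Requirements and Architecture teams listed below: a control is worth specifying only when its ALE reduction exceeds its annual cost.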
The typical stakeholders of a security risk assessment are:
- Producer:
- Evaluators:
- Approvers:
- Maintainers:
- Users:
  - Requirements Team, which uses the security risk assessment to produce security requirements.
  - Architecture Team, which uses the security risk assessment to architect security mechanisms.
A security risk assessment is typically developed during the following phases:

A security risk assessment typically can be started if the following preconditions hold:

A security risk assessment typically has the following inputs:
- Work Products:
- Stakeholders:

- The security requirements for individual applications or components are documented in the associated system requirements specifications.
- The security mechanisms for individual applications are documented in the associated software architecture documents.
- There is an overlap between a security risk assessment of intentional manmade threats and an overall risk assessment (which also includes natural and unintentional manmade threats).
The security assessment report is typically constrained by the following conventions:
- Content and Format Standard
- MS Word Template
- XML DTD
- Inspection Checklist
- Example Security Risk Assessment