Skip to content
  • There are no suggestions because the search field is empty.

Performing a Risk Assessment

A risk assessment lets you evaluate the real-world impact and likelihood of a specific risk scenario — and define what should be done to reduce it.

You can perform assessments for:

  • A processing activity (e.g. payroll handling)
  • A system/asset (e.g. Microsoft 365)

How to Perform an Assessment

  • First make sure that you have setup your risk template
  • Select:
    • Scope (asset or activity)
    • Compliance domain (GDPR, NIS2, etc.)
  • Open Risk Assessment for a processing activity or a Asset
    open-risk-assessment
  • The risk scenarios will now appear
    risk-assessment
  • For each scenario:
    • Rate likelihood and describe possible consequences.
    • Rate impact and describe security measures.
    • Describe existing controls
    • Suggest planned actions
    • Provide an overall justification
      risk-scenaruio

Examples

  • Scenario: Loss of availability
  • Likelihood: Low
  • Impact: High
  • Controls: Redundant backup and 24/7 monitoring
  • Final score: Moderate

After Assessment

  • Export to PDF or Excel
  • Create mitigation tasks directly from scenarios
  • Reassess later using version control

Related Articles