Sign-up for a RiskTree trial >>

Cyber Security News and Insights

Category: Risk Reporting

Probability/impact graphs have been used for a long time to assess risk, especially in spreadsheet-based risk registers. They give a misleading impression of risk levels though and hence organisations should be using alternative, and better approaches.
why should I use attack trees?
Attack trees allow you to build a structured model of your risks. These can be quickly and easily updated as changes are made to the system being assessed. Rather than being an unwelcome annual process, updating the risk assessment becomes part of the day-to-day process. If you’re building a new system, it will integrate with project management, creating a virtuous circle..
If you manage risk, one vital part of your job is reporting your project’s status and results to other groups: the board, management, and external auditors. And when building reports, risk managers must pay careful attention to the relationships of the intended audiences.
News Categories: