Question

Explain risk assessment methodologies and apply these concepts and techniques to quantify hazards by levels of severity.

Answer #1

Risk assessment is about finding out what the risks are, where they are and which matter most, and how to mitigate the risks identified to an acceptable level for business to go on. It is a rather intensive process. Not only must the assessor find out all the systems, processes and people that are involved, he must also know what threats and vulnerabilities are relevant. Risk assessment looks at all aspects of information security, which includes physical and environmental, administrative and management, as well as technical measures.

Generally, there are 2 types of risk assessment, namely qualitative and quantitative risk assessment. In quantitative risk analysis, numeric values (e.g., monetary values) are independently assigned to the different risk assessment components as well as the level of potential losses. When all elements (asset value, threat frequency, safeguard effectiveness, safeguard costs, uncertainty and probability) are quantified, the process is considered to be fully quantitative. Qualitative risk analysis does not assign numeric values to the risk assessment components. It is scenario-based and the assessors/participants will go through different threat-vulnerability scenarios and try to answer “what if” type of questions. Generally, qualitative risk assessment tends to be more subjective in nature.

The following methodologies are commonly used by security practitioners and consultants for risk assessment:

a. Asset Audit
b. Pipeline Model
c. Attack Tree

Asset Audit - The asset audit approach towards risk assessment looks at the assets the organisation has and determines if each asset is being protected adequately. The asset audit approach is an easy-to-use and straightforward method for assessing risks by giving the reviewer and owners a direct approach of looking at all the information assets and their risk exposure. The people involved in the asset audit process also obtain a better understanding of how information flows in and out of, as well as is stored on, the system.

Pipeline Model - Yet another risk assessment methodology, which may prove to be useful for sizing up the security of transactional systems. In this approach, risks are assessed on a pipeline, which is the system constituent that is responsible for processing a certain type of transaction. The security requirements for each pipeline are derived from the security policy of the organisation. Each pipeline is reviewed according to the five components to determine whether the security requirements are met and, if not, what gaps need to be addressed.

Attack Trees - Attack trees are a variation of fault trees. Attack trees provide a methodical way of describing the security of systems based on who, when, how, why and with what probability an attack will happen. The top of the attack tree or its root node represents the ultimate goal of the attacker and the branches and leaf nodes show the different ways of attaining the goal.
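
An added example, not part of the answer above: a small attack tree evaluated in Python to show how the "with what probability" part can feed a quantitative figure and a severity level. The AND/OR gates, the independence assumption, every leaf probability, the loss figure and the severity thresholds are constructed for illustration.

```python
from dataclasses import dataclass, field
from math import prod

@dataclass
class Node:
    name: str
    gate: str = "LEAF"      # "LEAF", "AND" (all children needed) or "OR" (any child suffices)
    p: float = 0.0          # annual probability of a leaf event (constructed value)
    children: list = field(default_factory=list)

def probability(node):
    """Probability that this node's goal is reached, assuming independent children."""
    if node.gate == "LEAF":
        return node.p
    ps = [probability(c) for c in node.children]
    if node.gate == "AND":
        return prod(ps)
    if node.gate == "OR":
        return 1 - prod(1 - p for p in ps)
    raise ValueError(f"unknown gate {node.gate!r} on {node.name!r}")

def likeliest_path(node):
    """Return (probability, leaf names) of the single most probable way to reach the goal."""
    if node.gate == "LEAF":
        return node.p, [node.name]
    results = [likeliest_path(c) for c in node.children]
    if node.gate == "AND":
        return prod(p for p, _ in results), [n for _, names in results for n in names]
    return max(results, key=lambda r: r[0])   # OR: keep the best branch only

def severity(expected_loss):
    """Map expected annual loss to a level; thresholds are assumed, set them per policy."""
    return "low" if expected_loss < 10_000 else "medium" if expected_loss < 100_000 else "high"

# Constructed tree: the root is the attacker's ultimate goal, leaves are ways to get there.
TREE = Node("Customer records disclosed", "OR", children=[
    Node("Admin login with stolen credentials", "AND", children=[
        Node("Phishing of an administrator succeeds", p=0.30),
        Node("Admin login lacks a second factor", p=0.50)]),
    Node("Unpatched database server is reachable", p=0.10),
    Node("Backup copied by insider", "AND", children=[
        Node("Backup media is unencrypted", p=0.40),
        Node("Insider has motive and access", p=0.05)]),
])
LOSS_IF_REACHED = 200_000   # assumed monetary impact of the root goal

if __name__ == "__main__":
    p_root = probability(TREE)
    print(f"P(root) = {p_root:.4f}, expected loss = {p_root * LOSS_IF_REACHED:,.0f}, "
          f"severity = {severity(p_root * LOSS_IF_REACHED)}")
    print("Likeliest path:", likeliest_path(TREE))
```

The likeliest path points at the branch where a safeguard reduces the root probability most; re-running with a lowered leaf value shows the effect of that safeguard on the expected loss.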
