摘要 |
A method for analyzing risk to a system, the method being carried out by a computer having a processor and system memory, includes the steps of inputting data representing multiple threat objectives that comprise the risk, calculating a residual risk for each threat objective in view of a plurality of control mechanisms, and generating output representing an overall residual risk to the system that is a combination of the residual risks.
|