Identified Risks#
Definitions#
The risks identified below are categorized using the following atributes:
- Description - description of the situation
- Impact - how the risk impacts the customer; one of (low, medium, high, very high)
- Probability - how probable it is the problem to happen
- Mitigation Time - the time objective to mitigate the risk, maybe using an temporary solution
- Recovery Time - the time to recover to a definitive solution
Risks#
| Risk | Description | Impact | Probability | Mitigation Time | Recovery Time |
|---|---|---|---|---|---|
| Data Loss | Loss or corruption of organization data by a server or application crash or sw bug | High | Low | 4 hrs | 12 hrs |
| Data Leak | Access to data by an unauthorized person | High | Low | 2 hrs | 24 hrs |
| Identity thief | Access to data in the name of another user | Medium | Low | 2 hrs | 24 hrs |
| SW Application Vulnerability | Access to unauthorized data or priviledge escalation | High | Low | 4 hrs | 72 hrs |