Asset Criticality Criteria
The purpose of Asset Criticality criteria is to establish the relative importance of assets that are included as part of the scope of an assessment. Our methodology assumes that a risk cannot exist in the absence of assets, be they tangible (people, infrastructure etc.) or intangible (reputation, finances etc.), so the Asset Criticality stage is an integral stage of the assessment.
Asset Criticality criteria is reasonably simple to construct and includes increasing levels of criticality, and accompanying statements, over multiple rows of the table. A default set of criteria is included within the system – use this as the basis for modifying and saving your own sets of criteria.
You may create as many different sets of criteria as you need – different assessments often require slightly different approaches, especially in instances where an assessment is being completed for another organisation.
Once an assessment has been completed, users will notice that the ratings applied to individual assets will appear automatically within the Threat Assessment (under ‘Primary Assets at Risk’) and the Risk Register.