How can we help?

You are here:

Risk Criteria and Matrix

Risk Criteria Elements

  • Consequence Criteria: the impact that risk events could have on assets. Users define risk impact statements and ratings.
  • Likelihood Criteria: the probability that a risk event will occur despite existing controls (and corresponding levels of susceptibility/vulnerability to assessed Threat Actors/Hazards). Users define risk likelihood statements and ratings within the table provided.
  • Risk Tolerance: Allows users to indicate a level of  risk that the organisation is willing to accept (subject to any stated conditions). Risk rating values and associated colours are defined here for the Risk Matrix below.
  • Risk Matrix: Allows users to select values for each cell of the matrix based on previously defined Consequence and Likelihood criteria. Note: risk rating values/colours will only appear within the Risk Matrix once the Risk Tolerance table has been populated.

Risk Criteria and Matrix

Previous Risk Control Effectiveness Criteria
Next Criteria Library