ID.RA-04: Potential impacts and likelihoods of threats exploiting vulnerabilities are identified and recorded
Ex1: Business leaders and cybersecurity risk management practitioners work together to estimate the likelihood and impact of risk scenarios and record them in risk registers
Ex2: Enumerate the potential business impacts of unauthorized access to the organization’s communications, systems, and data processed in or by those systems
Ex3: Account for the potential impacts of cascading failures for systems of systems
Tier
Description
Potential impacts and likelihoods of threats exploiting vulnerabilities are identified and recorded