Threat, Vulnerability, and Consequence: A Framework for Managing Security
-
Authors:
Thomas E. Cavanagh -
Publication Date:
June 2006 -
Report Number:
A-0202-06-EA
Risk management is the intellectual core of the security field. By analyzing security in terms of risk, it is possible to translate issues of physical protection and data integrity into concepts that are relevant to business management. This Executive Action report examines the specification of risk and its application to a commonly employed analytic tool, the Security Risk Equation.