To increase the value of assets

To evaluate the current level of risk and identify potential risk mitigation strategies

To eliminate all threats

To determine the profitability of the organization

A guaranteed loss to the organization

A threat that can leverage a vulnerability to cause damage

An opportunity for profit

A measure of asset value

Determine threats

Analyze risk

Determine assets within the scope and their value

Identify vulnerabilities

To increase the number of assets

To identify weaknesses that could be exploited by threats

To calculate the financial worth of the organization

To eliminate all risks

Determine vulnerabilities

Analyze risk

Determine threats

Determine asset value

Processes

Actions

Asset depreciation

Locations

Determine asset value

Analyze the risk posed by each vulnerability/threat

Determine threats

Identify vulnerabilities