Risk analysis according to IT-Grundschutz#
In part, the necessary information is based on additional data to be documented, in part on data already collected as part of the procedure with VIVA according to BSI Standard 100-2.
Identifying hazards#
When assigning building blocks to a target group, hazards that belong to this building block are taken into account in addition to measures. Additional hazards can be added or existing ones can be adjusted or deleted. This is done within the assigned building blocks. (See BSI standard 100-3, chapters 3 and 4.)
Assess hazards#
The assessment of hazards (See BSI Standard 100-3, Chapter 5.) is documented within the linked hazards - to be found under Information Network → Target Group → Linked Module → Linked Hazard.