Risk Treatment

Owned by Tino Pförtner
Last updated: Aug 27, 2024
1 min read

Risk Treatment is done for each combination of damage- and threat scenarios. In the TARA table, open the nested table for threat scenarios of any damage scenario. To the right of Threat Scenario, you find the Risk Values group, showing the derived risk level for any rated impact category.

The Risk Treatment section provides several options on how to handle the risk:

  • Option: Select a risk treatment option.

  • Claim: The drop-down provides all cybersecurity claims available in the corresponding catalog.

  • CAL: Manually set a cybersecurity assurance level.

  • Reduce risk value to: Set a risk value as a target for any risk mitigation activity.

  • Security Goal: The drop-down provides all cybersecurity goals available in the project.