Assessment Details Completion Guidance Risk Assessment Title:
Short, descriptive title
Risk Assessment Scope:
Version:
Describe the scope of the risk assessment e.g. location, process, assets Describe the general environment in which the assessment is carried out and internal and external factors affecting it Set out the factors which will make a risk acceptable and therefore not require mitigation Start at Version 1
Dated:
Date the assessment was carried out
Risk Assessor(s):
Approval:
Name and title of person(s) carrying out the risk assessment Names and titles of people contributing to the risk assessment Name and title of approver
Date Approved:
Date the assessment was approved
Context of Risk Assessment:
Risk Acceptance Criteria:
Risk Assessment Participants:
[Note: to choose a different table layout, click in the table, select the Design menu ribbon and choose a table style]
Cardholder ... (blank)
Risk Owner
Risk Level
(blank)
Calculated
Cardholder Data Environment Risk Assessment Workbook Start with the risks that are felt to have the highest likelihood and impact combination first. Risk Description Ref.
Cardholder Data Environment Asset
Vulnerability
Threat
Pre-mitigation Risk Description
Risk Owner
Existing Controls
Likelihood
Likelihood Rationale
Impact
Impact Rationale
Risk Score
Risk Level
1 2
Select… Select…
Select… Select…
Calculated Calculated
Calculated Calculated
3
Select…
Select…
Calculated
Calculated
4
Select…
Select…
Calculated
Calculated
5
Select…
Select…
Calculated
Calculated
6
Select…
Select…
Calculated
Calculated
7
Select…
Select…
Calculated
Calculated
8
Select…
Select…
Calculated
Calculated
9
Select…
Select…
Calculated
Calculated
10
Select…
Select…
Calculated
Calculated
11
Select…
Select…
Calculated
Calculated
12
Select…
Select…
Calculated
Calculated
13
Select…
Select…
Calculated
Calculated
14
Select…
Select…
Calculated
Calculated
15
Select…
Select…
Calculated
Calculated
16
Select…
Select…
Calculated
Calculated
17
Select…
Select…
Calculated
Calculated
18
Select…
Select…
Calculated
Calculated
19
Select…
Select…
Calculated
Calculated
20
Select…
Select…
Calculated
Calculated
Note – Not all columns are shown
Threats The following is a standard list of typical threats that may be use as guidance for your risk assessment. Threat Category Human
Threat Malicious outsider Malicious insider Loss of key personnel Human error Accidental loss
Example Someone launches a denial of service attack on your cloud service platform An employee or trusted third party accesses cardholder data in an unauthorised manner from inside your network One or more people with key skills or knowledge are unavailable perhaps due to extended sickness An employee accidentally deletes cardholder data A manager loses a memory stick with cardholder data on it
Natural
Fire Flood Severe weather Earthquake Lightning
Your data centre burns down due to an electrical fault The nearby river breaks its banks and your main office is severely flooded Non-one can get into the office due to the weather The area of your main data centre is affected by an earth tremor that damages all your servers All your servers are fried by a lightning strike on the data centre building
Technical
Hardware failure Software failure Virus/Malicious code
A key physical server has a processor failure Your financial system processes invoices incorrectly due to a bug A virus spreads throughout your network preventing access to your (and your customers') data
Physical
Sabotage Theft Arson
A disgruntled ex-employee takes an axe to your server room You come in on Monday morning to find some important drives have been stolen Someone with a grudge against your organisation starts a fire during the night
Environmental
Hazardous waste Power failure Gas supply failure
A lorry carrying hazardous waste has an accident outside your office The sub-station supplying your area has a meltdown There is a suspected leak and all supplies are turned off
Operational
Process error
Your new data transfer procedure doesn't cater for unexpected circumstances and cardholder data is lost or sent to the wrong destination A crime happens in or near your office and the area is sealed off by police
Crime scene
Likelihood The following table should be used to decide upon the most appropriate likelihood for a particular threat. Likelihood 1 2 3 4 5
Description Improbable Unlikely Likely Very Likely Almost certain
Summary Has never happened before and there is no reason to think it is any more likely now There is a possibility that it could happen, but it probably won't On balance, the risk is more likely to happen than not It would be a surprise if the risk did not occur either based on past frequency or current circumstances Either already happens regularly or there is some reason to believe it is virtually imminent
Impact The following table should be used as guidance to help to decide upon the correct impact rating for a particular threat.
Impact Level
Impact Rating General Description 1 Negligible
Impact Areas Impact on product or service quality No effect
Impact on financial viability Very little or none
Impact on staff or public well-being Damage to Reputation Very small additional risk No adverse comment
Impact of breaching legal or regulatory requirements Environmental damage No implications Negligible
2
Slight
Some local disturbance to Some normal business operations
Within acceptable limits
Localised discontent
Small risk of not meeting compliance
Small, very local impact that can be managed and corrected
3
Moderate
Unwelcome but could be borne
Elevated risk requiring immediate attention
Some internal and external criticism
In definite danger of operating illegally
Impact restricted geographically and can be corrected quickly
4
High
Can still deliver product/service with some difficulty Business is crippled in key areas
Severe effect on income and/or profit
Significant danger to life
A severe test of customer loyalty
Operating illegally in some areas
5
Very High
Trust in organization is irreparably damaged
Severe fines and possible imprisonment of staff
Geographically wide impact area with a degree of cleanup possible over time Catastrophic impact affecting the environment badly over a wide area
Out of business; no service Crippling; the Real or strong potential to customers organisation will go out of loss of life business
Classification of Risk Level The chart below shows the rating scheme used to determine risk level based on a combination of likelihood and impact. RISK SCORE 5 HIGH 4
Risk Likelihood
MEDIUM
3
2 LOW 1
1
2
3
Risk Impact
4
5