When assessing the operational risks pertaining to the development and/or operation of a piece of software or an information system, some important criteria for choosing an appropriate risk management or risk assessment framework are:
  • Size of the organization
  • Security needs
  • The business context
  • Availability of experts
  • System/software criticality
  • Time-frame for conducting the assessment

Use the form below to narrow down your choices of suitable risk assessment methodology: