Upload Risk Register
Risk Analysis Statistics
Number of Risks
7
Mean Loss (Simulated)
$299,540
50th Percentile (Median)
$280,066
90th Percentile
$422,099
95th Percentile
$483,190
99th Percentile
$648,393
Loss Exceedance Curve
Risk Register Data
| Risk ID | Threat Source | Vulnerability | Low Cost | High Cost | Confidence | Mitigation Strategy | Owner |
|---|---|---|---|---|---|---|---|
| R1 | External attacker | Weak passwords / lack of MFA | 10000 | 80000 | 90% | Implement MFA, enforce strong password policy, user awareness training | IT Security |
| R2 | Insider (malicious or careless) | Excessive user privileges | 15000 | 100000 | 90% | Least privilege access, periodic access reviews, monitoring of privileged accounts | IT / HR |
| R3 | Malware / Ransomware | Outdated patches on endpoints | 20000 | 250000 | 90% | Regular patch management, endpoint protection, user training on phishing | IT Ops |
| R4 | Natural disaster | Data center outage | 10000 | 100000 | 90% | Disaster Recovery (DR) plan, cloud backup, alternate site readiness | Business Continuity Team |
| R5 | Third-party vendor | Insecure API integrations | 25000 | 100000 | 90% | Vendor risk assessment, API security testing, contractual security requirements | Procurement / IT |
| R6 | Phishing / Social Engineering | Lack of awareness training | 5000 | 15000 | 90% | Security awareness program, simulated phishing tests, email filtering | Security Awareness Lead |
| R7 | Data leakage | Misconfigured cloud storage | 5000 | 50000 | 90% | Cloud configuration audits, automated monitoring, encryption | Cloud Admin |