Title Page

  • Conducted on

  • System Owner

  • Prepared by

  • Site/Location

Network Security Risk Assessment

General

  • Describe the purpose of this Network Security Risk Assessment

  • Describe the scope of the risk assessment (including system components, elements, users, field site locations (if any), and any other details about the system to be considered in the assessment)

  • List all participants including role (e.g. system owner, system custodian, security admin, database admin, network manager, risk assessment team, etc.)

  • Describe key technology components (applications, databases, operating systems, networks, interconnections, protocols)

  • Describe how users access the system and their intended use of the system

Risk Assessment

  • Click Add Vulnerability (+) after you have identified a vulnerability or threat source

  • Vulnerability

Threat Source & Vulnerability

  • Observation

  • Threat source/ vulnerability

  • Enter threat/vulnerability

  • Evidence (flow diagrams, screenshots etc.) (optional)

  • Existing controls

Risk rating

  • Consequence

  • Likelihood

  • Risk rating

Recommended Controls

  • Recommended controls or alternative options for reducing risk

Completion

  • Recommendations

  • Name and Signature

The templates available in our Public Library have been created by our customers and employees to help get you started using SafetyCulture's solutions. The templates are intended to be used as hypothetical examples only and should not be used as a substitute for professional advice. You should seek your own professional advice to determine if the use of a template is permissible in your workplace or jurisdiction. You should independently determine whether the template is suitable for your circumstances.