UnixTime

Research Note

Template Risk Scenario

markdown type: risk-scenario asset: "" threat: "" vulnerability: "" risk level: "" likelihood: "" impact: "" treatment option: "" related controls: evidence required: owner: ""...

On this page

When to use this

Practical use

Use this as a working artifact. Fill it with real owners, dates, decisions, evidence locations, and review status.

Use this when documenting a reusable ISO/IEC 27005-style risk scenario.

---
type: risk-scenario
asset: ""
threat: ""
vulnerability: ""
risk_level: ""
likelihood: ""
impact: ""
treatment_option: ""
related_controls: []
evidence_required: []
owner: ""
status: draft
tags:
- risk
- iso27005
created: YYYY-MM-DD
updated: YYYY-MM-DD
---
# Risk Scenario - {{asset}} / {{threat}}
## 1. Scenario Description
Describe the risk scenario in business language.
## 2. Asset
Identify the affected asset.
## 3. Threat
Identify the threat source or event.
## 4. Vulnerability
Identify the weakness that makes the threat relevant.
## 5. Impact
Describe business, operational, legal, financial, and reputational impact.
## 6. Likelihood
Describe why the risk is likely or unlikely.
## 7. Risk Rating
Document the risk rating method.
## 8. Treatment Option
Choose one:
- Mitigate
- Transfer
- Avoid
- Accept
## 9. Related Controls
Link to Annex A controls.
## 10. Evidence Required
List evidence required to prove treatment.
## 11. Software Object Mapping
Map this scenario to future data entities.
  • Template
  • Iso27005
  • Risk scenario

Note Metadata

Aliases: Risk Scenario Template

Source: 90 Templates/Template Risk Scenario.md

Graph-sourced resources

Templates and evidence

Risk treatment artifacts

Risk records, mappings, and treatment-supporting references.