Process Mapping and Risk Modeling
Summary
Purpose
Guiding Questions
Operational Security
Preparation
Outputs
Activities
Footnotes
References and resources for Process Mapping and Risk Modeling
-
Overview: "An Introduction to Threat Modeling" (Surveillance Self-Defense)
-
Guide: "Risk Assessment" (Workbook on Security: Practical Steps for Human Rights Defenders at Risk - Chapter 2)
-
Guide: "Threat Assessment: Chapter 2.5 p. 38" (Operational Security Management in Violent Environments (Revised Edition))
-
Guide: "Defining The Threshold Of Acceptable Risk" (Integrated Security)
-
Guide: "Guide for Conducting Risk Assessments" (NIST 800-30)
-
Report: "Risk Thresholds in Humanitarian Assistance" (European Interagency Security Forum)
- Book: "Threat Modeling: Designing for Security" (Adam Shostack)
- Website: "An Introduction to Threat Modeling" (Surveillance Self-Defense)
- Article: "Security for Journalists, Part Two: Threat Modeling" (Jonathan Stray)
- Guide: "Managing Information Security Risk: Organization, Mission, and Information System View" (NIST)
- Guide: "Guide for Conducting Risk Assessments" (NIST)
- Activity: "Threat Model Activity" (Tow Center)
- Tool: Deciduous Threat Decision Tree Generator Guide | Tool including sample Tree (Kelly Shortridge)
-
Guide: "Risk Assessment" (Operational Security Management in Violent Environments (Revised Edition) - Chapter 2)
-
Guide: Risk Assessment (Workbook on Security: Practical Steps for Human Rights Defenders at Risk - Chapter 2)
-
Book: "Pre-Mortum Strategy" (Sources of Power: How People Make Decisions - p.71)
- Guide: "Threat Assessment: Chapter 2.5 p. 38" (Operational Security Management in Violent Environments (Revised Edition))
- manual: Establishing the threat level of direct attacks (targeting) (Protection Manual for Human Rights Defenders)
-
Guide: "Defining The Threshold Of Acceptable Risk" (Integrated Security)
-
Guide: "Risk Analysis: Chapter 2.7 - Operational Security Management in Violent Environments (Revised Edition)" (HPN - Humanitarian Practice Network)
- Article: ["Operational Security Management in Violent Environments (Revised Edition)
- Chapter 2 Risk assessment"](http://www.odihpn.org/index.php?option=com_k2&view=item&layout=item&id=3159) (HPN - Humanitarian Practice Network)
-
Guide: "Risk Assessment For Personal Security" (CPNI - Centre for the Protection of National Infrastructure)s
-
Guide: "Threat Assessment & the Security Circle" (Frontline Defenders)
-
Case Study: "Case Study 1 Creating a Security Policy" (Frontline Defenders)
Risk Modeling:
Threat Modeling Resources (General):
Risk Assessment Activities:
Threat Assessment Activities:
Example text for introducing threats - Integrated Security
Written exercise: Threats assessment - Integrated Security
Risk Matrix Activities:
Alternative Risk Modeling Activities:
Workbook on Security: Practical Steps for Human Rights Defenders at Risk