Viewing Threats

HOPEX IT Risk Management : HOPEX IT Risk Management : Managing inventories : Inventory for Threats and Vulnerabilities : Viewing Threats

Viewing Threats

Threats are external or internal factors that endanger the IT assets of the enterprise. Each threat contains a set of vulnerabilities. For more details, see "Viewing Vulnerabilities".

Accessing threats

To access threats:

1. See "Accessing the IT Inventory".

2. Click Inventories > Threats and Vulnerabilities > All Threats.

You can also access threats by threat type. See "Threat characteristics".

Creating a threat type

To create a threat type:

1. From the inventory, click Threats and Vulnerabilities > Threats and Vulnerabilities.

2. Right-click on the root of the "Threats and Vulnerabilities" tree and select New > Threat Type.

The threat type appears in the tree.

Threat characteristics

You can:

• specify the threat type to which the threat belongs

The types of threats are used to organize threats into different categories (e.g.: physical harm, natural events, technical fault, etc.) To create a threat type, see "Creating a threat type"

• connect vulnerabilities to the threat in the corresponding section.

Vulnerabilities are failures to control an IT asset that makes it vulnerable to a threat and can lead to a breach of confidentiality, lack of integrity or availability of this asset. For more details, see "Viewing Vulnerabilities".