Vulnerability assessment

Vulnerability assessment

A vulnerability assessment is the process of identifying, quantifying, and prioritizing (or ranking) the vulnerabilities in a system. Examples of systems for which vulnerability assessments are performed for include, but are not limited to, nuclear power plants, information technology systems, energy supply systems, water supply systems, transportation systems, and communication systems. Vulnerability assessments can be conducted for small businesses to large regional infrastructures.

Vulnerability assessment has many things in common with risk assessment. Assessments are typically performed according to the following steps:

# Cataloging assets and capabilities (resources) in a system.
# Assigning quantifiable value (or at least rank order) and importance to those resources
# Identifying the vulnerabilities or potential threats to each resource
# Mitigating or eliminating the most serious vulnerabilities for the most valuable resources

"Classical risk analysis is principally concerned with investigating the risks surrounding physical plant (or some other object), its design and operations. Such analyses tend to focus on causes and the direct consequences for the studied object. Vulnerability analyses, on the other hand, focus both on consequences for the object itself and on primary and secondary consequences for the surrounding environment. It also concerns itself with the possibilities of reducing such consequences and of improving the capacity to manage future incidents." (Lövkvist-Andersen, "et al.", 2004) In general, a vulnerability analysis serves to "categorize key assets and drive the risk management process." (United States Department of Energy, 2002)1

In the United States, guides providing valuable considerations and templates for completing a vulnerability assessment are available from numerous agencies including the Department of Energy, the Environmental Protection Agency, and the United States Department of Transportation, just to name a few.

References

US Department of Energy. (2002). Vulnerability Assessment Methodology, Electric Power Infrastructure. [http://www.esisac.com/publicdocs/assessment_methods/VA.pdf]


Wikimedia Foundation. 2010.

Игры ⚽ Нужна курсовая?

Look at other dictionaries:

  • vulnerability assessment — A Department of Defense, command, or unit level evaluation (assessment) to determine the vulnerability of a terrorist attack against an installation, unit, exercise, port, ship, residence, facility, or other site. Identifies areas of improvement… …   Military dictionary

  • Retina Vulnerability Assessment Scanner — is a vulnerability scanner created by eEye Digital Security that remotely scans a network for security vulnerabilities and assigns a level of threat to those discovered. It is only intended for corporate or government use. Purchase or evaluation… …   Wikipedia

  • OpenSource Vulnerability Assessment Scanner — OpenVAS OpenVAS Développeur Intevation GMBH Dernière version …   Wikipédia en Français

  • Open source Vulnerability Assessment Scanner — OpenVAS OpenVAS Développeur Intevation GMBH Dernière version …   Wikipédia en Français

  • nuclear vulnerability assessment — branduolinio poveikio įvertinimas statusas T sritis apsauga nuo naikinimo priemonių apibrėžtis Galimo branduolinio smūgio prognozuojamo poveikio gyventojams, kariuomenei ir ištekliams įvertinimas. Jis pirmiausia atliekamas prieš smūgį; tačiau… …   Apsaugos nuo naikinimo priemonių enciklopedinis žodynas

  • nuclear vulnerability assessment — branduolinio poveikio įvertinimas statusas T sritis Gynyba apibrėžtis Branduolinio ginklo naudojimo galimų padarinių gyventojams, pajėgoms ir ištekliams įvertinimas. Dažniausiai atliekamas prieš puolimą, tačiau gali būti pratęstas puolimo ar… …   NATO terminų aiškinamasis žodynas

  • nuclear vulnerability assessment — The estimation of the probable effect on population, forces, and resources from a hypothetical nuclear attack. It is performed predominantly in the preattack period; however, it may be extended to the transattack or postattack periods …   Military dictionary

  • threat and vulnerability assessment — In antiterrorism, the pairing of a facility …   Military dictionary

  • Vulnerability — For other uses of the word Vulnerability , please refer to vulnerability (computing) You may also want to refer to natural disaster. Vulnerability is the susceptibility to physical or emotional injury or attack. It also means to have one s guard… …   Wikipedia

  • Social vulnerability — Research on social vulnerability to date has stemmed from a variety of fields in the natural and social sciences. Each field has defined the concept differently, manifest in a host of definitions and approaches (Blaikie, Cannon et al. 1994;… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”