Introduction¶
Risk assessment is the engine of Security by Design. Without it, security decisions are based on habit, fear, or guesswork rather than evidence. This section introduces risk assessment as the structured discipline of identifying what could go wrong, how likely it is, and what the consequences would be.
We begin by defining exactly what a risk assessment is, distinguishing it from related concepts such as threat modelling or compliance auditing. You will learn the standard terminology (asset, threat, vulnerability, impact, likelihood) and how these elements combine to produce a risk rating: a threat exploits a vulnerability in an asset, and the likelihood of that happening, taken together with its impact, gives the rating. Crucially, we establish why risk assessment must occur early in the design phase, not as a retrospective tick-box exercise.
From there, the section moves into the practical work of risk identification and analysis. You will learn systematic techniques for uncovering threats and vulnerabilities across people, process, and technology domains. We then explore how to analyse identified risks by estimating likelihood and impact, using both qualitative scales (e.g., high, medium, low) and simple quantitative methods where appropriate. By the end of this process, you will be able to produce a prioritised list of risks that directly informs design decisions.
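The following is an added worked example, not part of the original course text, showing the analysis step described above in code: a small risk register whose entries carry qualitative likelihood and impact ratings, a rating derived from them, an optional simple quantitative estimate, and a prioritised list at the end. Everything specific in it is an assumption chosen for illustration: the three-point scales, the convention of multiplying ordinal scores, the thresholds used to bucket the product back into high/medium/low, the use of single loss expectancy times annual rate of occurrence as the "simple quantitative method", and the sample risks themselves, which are constructed rather than taken from any real assessment.

```python
"""Added example: a minimal risk register that turns qualitative
likelihood/impact estimates into a rating and a prioritised list.
Scales, weights, thresholds and sample data are assumptions, not
part of the original course text.
"""
from __future__ import annotations

from dataclasses import dataclass
from typing import Optional

# Qualitative scales mapped to ordinal scores (assumed 3-point scales).
LIKELIHOOD = {"low": 1, "medium": 2, "high": 3}
IMPACT = {"low": 1, "medium": 2, "high": 3}


@dataclass
class Risk:
    asset: str
    threat: str
    vulnerability: str
    likelihood: str  # qualitative: low / medium / high
    impact: str      # qualitative: low / medium / high
    # Optional quantitative inputs (assumed fields): single loss expectancy
    # in currency units and annual rate of occurrence.
    sle: Optional[float] = None
    aro: Optional[float] = None

    def __post_init__(self) -> None:
        # Reject values outside the agreed scale early, rather than letting a
        # typo such as "hgih" surface as a KeyError during prioritisation.
        self.likelihood = self.likelihood.lower()
        self.impact = self.impact.lower()
        if self.likelihood not in LIKELIHOOD:
            raise ValueError(f"unknown likelihood '{self.likelihood}' for {self.asset}")
        if self.impact not in IMPACT:
            raise ValueError(f"unknown impact '{self.impact}' for {self.asset}")

    def score(self) -> int:
        """Qualitative rating: likelihood score x impact score (1..9)."""
        return LIKELIHOOD[self.likelihood] * IMPACT[self.impact]

    def rating(self) -> str:
        """Bucket the 1..9 product back into three levels (assumed thresholds)."""
        s = self.score()
        if s >= 6:
            return "high"
        if s >= 3:
            return "medium"
        return "low"

    def ale(self) -> Optional[float]:
        """Annualised loss expectancy = SLE x ARO, only when both are known."""
        if self.sle is None or self.aro is None:
            return None
        return self.sle * self.aro


def prioritise(risks: list[Risk]) -> list[Risk]:
    """Highest qualitative score first; ties broken by ALE (risks with no
    quantitative estimate sort after those with one), then by asset name
    so the order is deterministic."""
    def key(r: Risk):
        ale = r.ale()
        return (-r.score(), -ale if ale is not None else 1.0, r.asset)
    return sorted(risks, key=key)


# Constructed sample register (illustrative data only).
SAMPLE_REGISTER = [
    Risk("customer database", "external attacker", "SQL injection in search endpoint",
         "medium", "high", sle=250_000.0, aro=0.2),
    Risk("build server", "malicious insider", "shared admin credentials", "low", "high"),
    Risk("public website", "opportunistic attacker", "outdated CMS plugin",
         "high", "medium", sle=20_000.0, aro=1.5),
    Risk("office printers", "opportunistic thief", "unlocked print room", "medium", "low"),
    Risk("HR portal", "phishing campaign", "no MFA on staff logins",
         "high", "high", sle=80_000.0, aro=0.5),
]


if __name__ == "__main__":
    print(f"{'asset':<18} {'L':<7} {'I':<7} {'score':>5} {'rating':<7} {'ALE':>10}")
    for r in prioritise(SAMPLE_REGISTER):
        ale = "n/a" if r.ale() is None else f"{r.ale():,.0f}"
        print(f"{r.asset:<18} {r.likelihood:<7} {r.impact:<7} {r.score():>5} {r.rating():<7} {ale:>10}")
```

Two caveats the code makes visible. Multiplying ordinal scores is a ranking convention, not a measurement: a product of 6 is not "twice as risky" as a product of 3, and the thresholds that turn it back into high/medium/low are a team decision to be recorded alongside the register. The quantitative figures only help where SLE and ARO can be estimated with some confidence, which is why they are optional and used here only to break ties between risks that the qualitative scale cannot separate.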
Learning Objectives¶
By the end of this section, you will be able to:
Define a risk assessment and explain how it differs from threat modelling and compliance audits
Accurately use the core terms: asset, threat, vulnerability, impact, and likelihood
Justify why risk assessment must be performed early in the Security by Design lifecycle
Apply systematic methods to identify relevant threats and vulnerabilities for a given system
Analyse identified risks by estimating likelihood and impact using qualitative scales
Produce a prioritised risk list that can directly inform security control selection
