How to manage risk configurations - RISCOSS/riscoss-corporate GitHub Wiki
RISCOSS performs the analysis using some model-based techniques. The platform uses different models depending the kind of risk to be analysed. The user needs to create different risk configurations with the corresponding risk models to be used for analysing the Assets.
#Step 1: Uploading models The assets management is centralised in the Model manager menu.
images/UI/ModelManager_menu.png
There are 2 kinds of models:
- risk models: including the information about the analysed risks
- goal models: including the organization goals that can be affected by the analysed risk
In both cases, there is an option to upload a file containing a New model (see riscoss-risk-modelling repository)
After clicking the CREATE button, you can add some details about the model and upload the file containing it (using UPLOAD RISK MODEL XML button).
Risk and goal models can also be browsed by choosing the corresponding menu items in the Model Manager menu (i.e., Risk Model and Goal Model Index)
#Step 2: Creating Risk Configurations Once the models to be used for the risk analysis are uploaded to the platform, several Risk Configurations can be created. Each Risk Configuration is facing the group of risks and risk categories to be analysed when the user analyses a concrete Entity (see Risk Sessions Management).
The assets management is centralised in the Risk configuration manager menu.
images/UI/RiskConfigurationManager_menu.png
##Step 2.1 Creating the Risk Configuration Choosing New risk configuration option from Risk configuration manager menu and enter the risk configuration’s name in the form that appears.
images/UI/NewRiskConfiguration.png
After clicking the CREATE button, you can add some details about the entity. Concretely, adding the risk configuration **description **and the Goal model associated to it.
images/UI/RiskConfiguration_form.png
The Risk Configuration is stored in the platform clicking on SAVE & VIEW button.
##Step 2.2 Associating models to the Risk Configuration. In the Risk Configuration form (when the risk configuration is saved or edited), there is a section for each layer configured in the platform (see Asset Management, Step 1: Creating Layers).
images/UI/RiskConfiguration_form_1.png
Risk models can be assigned to any of the Layers using the + button next to the specific layer. The risk model should be selected clicking on the corresponding risk model name.
images/UI/RiskConfiguration_risk_models.png
The risk models associated to a layer can be removed using the – button next to the risk model name.
images/UI/RiskConfiguration_form_2.png
#Step 3: Exploring Models and Risk Configuration Models* can be browsed by choosing the corresponding option in the Model manager menu (i.e. Risk and Goal model index).
Risk Configurations can be browsed by choosing Risk configuration index option in the Risk Configuraiton manager menu.
