By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
World of SoftwareWorld of SoftwareWorld of Software
  • News
  • Software
  • Mobile
  • Computing
  • Gaming
  • Videos
  • More
    • Gadget
    • Web Stories
    • Trending
    • Press Release
Search
  • Privacy
  • Terms
  • Advertise
  • Contact
Copyright © All Rights Reserved. World of Software.
Reading: 6 risk assessment frameworks in comparison | Computer Week
Share
Sign In
Notification Show More
Font ResizerAa
World of SoftwareWorld of Software
Font ResizerAa
  • Software
  • Mobile
  • Computing
  • Gadget
  • Gaming
  • Videos
Search
  • News
  • Software
  • Mobile
  • Computing
  • Gaming
  • Videos
  • More
    • Gadget
    • Web Stories
    • Trending
    • Press Release
Have an existing account? Sign In
Follow US
  • Privacy
  • Terms
  • Advertise
  • Contact
Copyright © All Rights Reserved. World of Software.
World of Software > News > 6 risk assessment frameworks in comparison | Computer Week
News

6 risk assessment frameworks in comparison | Computer Week

News Room
Last updated: 2026/07/13 at 4:55 PM
News Room Published 13 July 2026
Share
6 risk assessment frameworks in comparison | Computer Week
SHARE

4. NIST Risk Management Framework

This is it: The Risk Management Framework (RMF) was developed by the US agency NIST (National Institute of Standards and Technology). This framework focuses on a comprehensive, reusable and measurable seven-step process to manage IT and data protection risks. A whole range of NIST’s own standards and guidelines are used to support the implementation of risk management initiatives.

This is what it can do: According to NIST, the RMF implements a process that integrates security, privacy and supply chain risk management activities into the system development lifecycle. The approach takes into account effectiveness, efficiency and restrictions imposed by applicable laws, directives, orders, guidelines, standards or regulations.

This is how it works: The seven-step process of the NIST RMF is divided into:

  1. essential activities to prepare the organization for managing security and privacy risks to prepare.
  2. Systems and data that are processed, stored and transmitted based on an impact analysis categorize.
  3. a series of control measures chooseto protect systems based on a risk assessment.
  4. Control measures implement – and document how this happens.
  5. Review control measures and evaluatewhether these work as desired.
  6. System operation based on a risk-based decision authorize.
  7. Implementation and system risks continuously monitor.

Good to know: The RMF provides a procedural and organized process to help organizations embed security into their overall risk management processes.

5. OCTAVE

This is it: OCTAVE (Operationally Critical Threat, Asset, and Vulnerability Evaluation (PDF)) is a framework for identifying and managing cybersecurity risks. It was developed by the CERT team at Carnegie Mellon University in the USA.

This is what it can do: This risk assessment framework defines a comprehensive evaluation method. This not only enables companies to identify mission-critical IT assets, but also the threats associated with them and the vulnerabilities that make this possible.

This is how it works: According to those responsible, the compilation of IT assets, threats and vulnerabilities allows companies to penetrate which data is really at risk. Armed with this understanding, users can develop and implement a protection strategy to protect them sustainably.

Good to know: The OCTAVE framework is available in two versions.

  • OCTAVE-S offers a simplified methodology aimed at smaller companies with flat hierarchical structures.
  • OCTAVE Allegro, on the other hand, is a more comprehensive framework that is primarily suitable for large companies or those with complex structures.

6. TARA

This is it: TARA (Threat Assessment and Remediation Analysis) represents an engineering methodology that can be used to identify, evaluate and resolve security gaps. This framework was developed by the non-profit organization MITER.

This is what it can do: The framework is part of the MITER system portfolio, which is designed to address cybersecurity hygiene and the resilience of IT systems at the earliest possible stage (within the procurement process).

This is how it works: The TARA framework uses a data catalog to identify attack vectors that could be used to exploit system vulnerabilities and initiate potential countermeasures.

Good to know: TARA was originally developed in 2010 and has already been used in more than 30 cyber risk assessments. This framework is particularly suitable for risk studies that focus on security threats. (fm)

This article originally appeared at our sister publication CSOonline.com.

Sign Up For Daily Newsletter

Be keep up! Get the latest breaking news delivered straight to your inbox.
By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.
Share This Article
Facebook Twitter Email Print
Share
What do you think?
Love0
Sad0
Happy0
Sleepy0
Angry0
Dead0
Wink0
Previous Article US states are suing over Warner Bros. Discovery takeover by Paramount US states are suing over Warner Bros. Discovery takeover by Paramount
Next Article At almost -55%, the Honor Magic 7 Lite drops to a price that is downright dreamy 🤩 At almost -55%, the Honor Magic 7 Lite drops to a price that is downright dreamy 🤩
Leave a comment

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Stay Connected

248.1k Like
69.1k Follow
134k Pin
54.3k Follow

Latest News

recover the first stage of a rocket, and he has done it his way
recover the first stage of a rocket, and he has done it his way
Gaming
At almost -55%, the Honor Magic 7 Lite drops to a price that is downright dreamy 🤩
At almost -55%, the Honor Magic 7 Lite drops to a price that is downright dreamy 🤩
Mobile
US states are suing over Warner Bros. Discovery takeover by Paramount
US states are suing over Warner Bros. Discovery takeover by Paramount
Software
Big Brother is moving into the new cars, and it’s now the law
Big Brother is moving into the new cars, and it’s now the law
Computing

You Might also Like

The data scientist is dead…
News

The data scientist is dead…

4 Min Read
AI security: Keep data streams under control
News

AI security: Keep data streams under control

2 Min Read
Tutorial: Install Python correctly | Computer Week
News

Tutorial: Install Python correctly | Computer Week

6 Min Read
AI recruiting: This is how your application cracks the algorithm
News

AI recruiting: This is how your application cracks the algorithm

4 Min Read
//

World of Software is your one-stop website for the latest tech news and updates, follow us now to get the news that matters to you.

Quick Link

  • Privacy Policy
  • Terms of use
  • Advertise
  • Contact

Topics

  • Computing
  • Software
  • Press Release
  • Trending

Sign Up for Our Newsletter

Subscribe to our newsletter to get our newest articles instantly!

World of SoftwareWorld of Software
Follow US
Copyright © All Rights Reserved. World of Software.
Welcome Back!

Sign in to your account

Lost your password?