Copyright DB Netz AG, licensed under CC-BY SA 3.0 DE (see full text in CC-BY-SA-3.0-DE)
ARCH.017 Assess security risks of scenario
SM-2753
-
Populate Confluence page for activity definition: ARCH.017 Assess information security risks of scenario
Finished
Goal | Specify how information and physical security risks will be managed down to an acceptable level |
---|---|
Requirements met by this process step | DB Regulation 0451.0100 DB Regulation 0114.0210 (and thereby ISO 27001) |
Inputs | See sub-activity definitions |
Outputs | See sub-activity definitions |
Methodology | See sub-activity definitions ARCH.021 Evaluate security risks ARCH.022 Define operational security measures ARCH.023 Allocate security responsibilites (op. activity to op. entity/actor) |
Tools and non-human resources | See sub-activity definitions |
Cardinality | Once per operational capability |
Completion criteria | See sub-activity definitions |
Design review | |
Step done by (Responsible) | See sub-activity definitions |
Provides input to/assists (Contributes) | See sub-activity definitions |
Uses outputs (Informed) | See sub-activity definitions |