ISACA released a new guide for IT risk professionals that acts as a blueprint for organizations. The COBIT 5 for Risk includes more than 100 risk scenarios in 20 categories of cyber, privacy, and operational IT risks. Risk IT gives organizations a framework and format to go through that whole process, plus some guidance as well. Robert Stroud: “The first thing you’re going to do is identify your risk, threat, and opportunity, and that will give you a series of processes that you can then put in place to mitigate the risk””]
Source: https://www.darkreading.com/analytics/developing-a-system-for-identifying-and-prioritizing-risk