Determine the likelihood the threat event, once it is
initiated or occurs, will result in an adverse impact, regardless of the magnitude
of harm (i.e., impact)
Source: CNSSI-1254 appendix C RAR Data elements #15, NIST SP 800-30
Describe the overall level of risk
(e.g., very low, low, moderate, high, or very high) to the system, considering all
individual
risks, mitigating factors, environment, architecture, system's security categorization,
historical evidence, etc.
Source: CNSSI-1254 appendix C RAR Data elements #20, NIST SP 800-30
Source
<xsd:element name="LikelihoodOfSuccess" type="boe:RatedScaleResponseType"><xsd:annotation><xsd:documentation><p xmlns="http://www.w3.org/1999/xhtml" ism:classification="U" ism:ownerProducer="USA">Determine the likelihood the threat event, once it is initiated or occurs, will result in an adverse impact, regardless of the magnitude of harm (i.e., impact)</p><p xmlns="http://www.w3.org/1999/xhtml" ism:ownerProducer="USA" ism:classification="U">Source: CNSSI-1254 appendix C RAR Data elements #15, NIST SP 800-30</p></xsd:documentation></xsd:annotation></xsd:element>
Schema location
BOE.xsd Copy and paste this link to your file browser, clicking the link MAY open in the browser. Opening in an XML aware editor is best.
This document has been approved for Public Release by the Office of the Director of National Intelligence. See Distribution Notice for details.
Click Here