Risk Theory

• Numerous methodologies/approaches exist for analysis, assessment and evaluation of risk:

  • FMEA/FMECA (Failure Modes, Effects and Criticality Analysis)

  • FTA (Fault Tree Analysis)

  • CRAMM (UK Gvt. Risk Analysis method)

  • ISO9000-14000 family of standards

  • CCA (Cause Consequence Analysis)

  • MORT (Management Oversight Risk Tree)

  • SMORT (Safety Management Organization Review Tree)

  • CEA (Cost Effectiveness Analysis)

  • CBA (Cost Benefit Analysis)

  • COSO ERM

  • OCTAVE (Carnegie Mellon's Operationally Critical Threat, Asset, and Vulnerability Evaluation)

  • ASSET (National Institute of Standards and Technology [NIST] Automated Security and Self Evaluation Tool)

  • Monte Carlo

  • …and hundreds more!!!