Risk assessment is the appraisal of probability and significance of identified potential risk events. It means asking how likely is it and how bad will it be if certain risk events happen.
Risk is quantified using the formulae:
Risk = Likelihood x Impact
(Probability) (Averse consequences)
Vulnerability Assessment
Is the process designed to identify, quantify and prioritize areas in which a system, supply chain organization is particularly open to risk or attack.
Stages of Vulnerability Assessment
1. Listing and Cataloguing the risk sources in a given system.
2. Assigning a quantifiable value, score, rank, order of importance to them.
3. Identify the vulnerabilities to each source.
4. Planning to instigate or eliminate the most serious vulnerabilities for the most valuable resources.