w3c / dpv

Data Privacy Vocabularies and Controls CG (DPVCG)
https://w3id.org/dpv

Refine RISK taxonomy into a single consistent hierarchy #181

Open coolharsh55 opened 2 months ago

coolharsh55 commented 2 months ago

Specs

RISK

New Concept(s)

Refine the RISK taxonomy of concepts to create a single hierarchy of 'events' which the adopter then chooses with a role: risk, consequence, impact, or risk source.

Changed Concept(s)

No response

coolharsh55 commented 2 months ago

Discussed with Rob Brennan, Delaram, and Julio who were involved in creating the risk assessment concepts. Conclusion: we have RiskConcept as the parent concept and then organise the hierarchy under it.

coolharsh55 commented 2 months ago

Rob suggested we have the CIA triad from InfoSec in there somewhere as it will help security folks find the right concept. I have re-organised the risk sources / threats concepts under CIA and kept the other groups regarding impact. See live at: https://dev.dpvcg.org/2.1-dev/risk/