Risk Analysis with MAGERIT and Risk Matrix Application
Description
This laboratory develops practical skills in information security risk analysis using the MAGERIT methodology and risk matrix modeling. Students will work on a case study involving a small financial services company (FinSecure Ltd.) that faces threats to its information systems. They will identify critical information assets, evaluate associated threats and vulnerabilities, calculate risk levels, and represent results in a risk matrix and heat map. The laboratory emphasizes decision-making based on risk prioritization and prepares students to propose practical safeguards aligned with ISO 31000 and ISO/IEC 27001 standards.
Files
Steps to reproduce
This folder contains the laboratory guide, expected outcomes, and supporting artifacts for the MAGERIT risk analysis lab. It includes the problem description, expanded requirements, expected outcomes, asset inventory, threat/vulnerability registers, risk evaluation examples, risk matrix templates, mitigation proposals, and verification checklists. All content is intended for reproducibility and submission to Mendeley Data.
Institutions
- Universidad Cooperativa de Colombia