Threat analysis and risk assessment coaching

Why, when, and how to perform a security risk analysis. We support you to create a security risk analysis for one of your own systems.

3 days

A solid threat analysis and risk assessment (TARA)is the basis of a thorough security concept and thus of all security-related steps in the development process. In this advanced coaching, we explain an established and approved TARA methodology that is based on the Common Criteria and fully aligned with ISO/SAE 21434.
The theoretical part is complemented by a practical part. Here, the customer team creates a TARA for one of their systems, while the ESCRYPT trainer provides support and reviews.
  • Product and project managers who need to understand the methodology of a threat analysis and risk assessment in the context of the product development process
  • Security managers who are responsible for conducting the threat analysis and risk assessment during the product development process
Coaching topics
  • Learn and understand how the threat analysis and risk assessment contributes to efficient and effective risk management, e.g., in the context of ISO/SAE 21434
  • Get to know a methodology how a threat analysis and risk assessment is performed
  • Carry out a threat analysis and risk assessment for one of your systems
  • Basic knowledge of product development processes
  • Detailed understanding and awareness of security risks for your product category
  • Overview and description of the system that is to be evaluated
  • 3 days (spread over approx. 3 month)
ISO 9001:2015