Stages of Risk Assessment Process

Risk Determination quantify the probability of attack, it’s impact, and the adequacy of current or planned controls.
Control recommendations considers the effectiveness, performance impacts, safety and reliability of control options.
Likelihood determination considers the capability and motivation of threat sources in terms of vulnerability.
Results documentation presents the threat and vulnerability pairings with associated cost-benefit data.
Impact Analysis quantifies or rates potential losses to integrity, availability and confidentiality of relevant data.