Also found in: Wikipedia.
CRAMMCCTA Risk Analysis and Management Method
References in periodicals archive ?
The impact consequences have been adopted from CRAMM [11] as follows:
CRAMM is a qualitative risk analysis and management method that was developed by the UK Government Central Computer and Telecommunications Agency in 1985 to provide government departments with a method for revising the security of information systems [9].
CRAMM is used to analyse risk for different groups of assets versus the threats to which the asset is vulnerable on a scale of 1 to 7.
The OCTAVE, CRAMM, CORAS and VECTOR matrix methods are good choices for risk analysis, but in different steps of implementation.